Data sharing for national crisis response

Policy details

Metadata item Details
Publication date:14 August 2023
Owner:Central Policy Secretariat
Who this is for:Analysts holding or using data relevant to crisis situations
Type:Guidance
Contact:GSS@statistics.gov.uk

Scope

Having access to the latest and most relevant data is central to any crisis response. This document brings together the main principles and existing guidance into a single document to complement departmental procedures, frameworks and principles for data sharing during times of national crisis.

This guidance is:

  • a set of principles for data sharing to consider where there is an urgent need or national crisis
  • a collation of existing best practice guidance, including the Code of Practice for Statistics, interpreted in the context of national emergencies
  • a framework to complement and build upon department or team specific guidance and procedures

This guidance is not:

  • a replacement for departmental security and sharing procedures, or existing cross-government data sharing standards
  • a basis to disregard handling instructions of personal, sensitive data, or data governed by specific data sharing agreements
  • an exhaustive list of all scenarios where the need to share data may arise
Back to top of page

Main principles

Data informed response

Data is of immense public importance, especially in crisis situations. When high quality data is correctly applied to provide enhanced insights and improved situational awareness, it can be of great benefit to decision makers directing scarce resources at pace. But data can cause significant issues if it is poorly assured and applied incorrectly. Sharing relevant information in an emergency and working flexibly with stakeholders (while observing handling sensitivities and relevant legislation on data sharing) can help mitigate the effects and support better outcomes.

Preparation is fundamental

Emergency situations are inherently fast paced and pressurised. The best way to effectively mitigate and respond to crises is to prepare before they occur. Alongside other parts of business contingency, plans should be in place to understand what and how analytical insights would be produced and shared during different crisis scenarios. This should include a clear understanding of roles and responsibilities, data pipelines for effective dissemination and the identification of capability gaps. Data which may be critical during a crisis should be well quality assured and reviewed in “normal” periods as preparation for crisis periods.

Accessibility

Where data are used publicly, they should be equally available to all and published at a sufficient level of detail. Where appropriate, important data and methods should be routinely published to support public trust in the statistical system. Aiming for open access in normal business operations helps increase the efficiency of data sharing in a crisis, improves data quality and reduces the risk of accidental misuse.

Where relevant data is not shared with decision makers responding to a crisis, this risks hindering the effectiveness of their actions. And where data used publicly is not accessible to all, this risks damaging confidence in information from official sources at a time when trust is paramount.

Assurance

Assurance remains essential in a crisis. It should be proportionate and transparent. To respond quickly, close and continuous work with users and relevant policy makers is needed to identify what they need to know, and to support them in understanding trade-offs and risks involved. Quality assurance should be proportionate to the risks associated with the use of the analysis and the time available. Crises will also change the risk profile and value of previously assured data. Proportionate assurance should not make it more difficult to share data, but requires close engagement with users, as well as frank and clear communication on what quality assurance has been conducted. For example, it is important to communicate what has been reviewed, potential unknowns and distortive effects, and assumptions made.

Engage with crisis management structures

The National Situation Centre (SitCen) brings timely data, analysis and insights from across and beyond Government to support situational awareness on crisis and national security issues. It is essential in both peacetime and crises to work with central teams, such as SitCen, to ensure that the full range of insights held by government can be accessed by those who need it, when it is needed most.

Back to top of page

Definitions and structures

In the context of this guidance, a “crisis” is an acute event that needs a large-scale response to prevent damage to human welfare, the environment, or the UK’s security. The National Situation Centre is the main body responsible for coordinating data and analysis for use in crisis contexts.

What we mean by “crisis”

The Civil Contingencies Act (2004) sets out the legislative framework for emergency response and planning in the UK. It defines an “emergency” as one of the following:

  • an event or situation which threatens serious damage to human welfare in the UK (or in a Part or region)
  • an event or situation which threatens serious damage to the environment of the UK (or of a Part or region)
  • war, or terrorism, which threatens serious damage to the security of the UK

This includes situations which may cause loss of life, homelessness, disruption to essential infrastructure (such as power, water, healthcare, or transport), or environmental contamination. Within government, scenarios likely to be covered by this definition of emergency are laid out and assessed in the National Security Risk Assessment (NSRA) and National Risk Register (NRR).

In practice, crises occur of varying severity and the “threshold” for a crisis or national emergency may be ambiguous. This could be because a crisis is more localised, less visible in its effects, or yet to fully materialise. It is also possible the anticipated crisis scenario may not materialise altogether. Recent crises include the COVID-19 pandemic, and the Russian full-scale invasion of Ukraine and subsequent effects. It is always important to engage with and take seriously requests for information to inform a crisis response, even if the immediate need is not apparent. Part of effective crisis management is acting before the full extent of the effects are felt.

Crisis management in government

Cabinet Office Briefing Room (COBR) Unit

Central crisis coordination and preparation is managed by the Cabinet Office. The Cabinet Office Briefing Room (COBR) Unit leads the UK Government’s response to acute emergencies and further professionalisation of emergency management in government. The COBR Unit provide the coordination mechanism through which the UK Government responds quickly to emergencies that need decisions urgently. Ministers and senior officials are brought together in COBR to ensure a common appreciation of the situation and to facilitate effective and timely decision making in responding to domestic and international emergencies affecting UK interests.

National Situation Centre (SitCen)

The National Situation Centre (SitCen) was established in 2021 to bring together data, analysis and expertise for crisis management. Announced as part of the Integrated Review, and drawing upon lessons learned from the COVID-19 pandemic, the SitCen has accelerated the UK Government’s journey of modernisation and use of data in crisis preparedness and response. SitCen work closely with the COBR Unit are the main mechanism through which data and analytical insights are brought together and presented to decision makers in emergency scenarios.

Resilience Directorate

Within Cabinet Office, the Resilience Directorate complements the work of COBR Unit and SitCen and takes a strategic approach to economic and societal resilience, overseeing how the UK is dealing with both acute and chronic risks to make the UK a stable and safe place to live and work. It leads the implementation of measures and frameworks, including the National Security Risk Assessment (NSRA).

Lead Government Departments (LGD) and Local Resilience Forums (LRF)

While the Cabinet Office provides central coordination, crisis management involves all parts of government, whether national and local. Each risk identified in the NSRA is assigned a LGD responsible for ensuring their risks are well understood, managed, and invested in across the risk lifecycle. At a local level, the 42 LRFs in England and Wales, three Regional Resilience Partnerships (RRPs) in Scotland, and Emergency Preparedness Groups (EPGs) in Northern Ireland play a critical role in bringing local responders together to plan and prepare for emergencies.

Main learning point

In the context of this guidance, a “crisis” is an acute event that needs a large-scale response to prevent damage to human welfare, the environment, or the UK’s security. The National Situation Centre is the main body responsible for coordinating data and analysis for use in crisis contexts.

Relevant materials

You may find the following resources useful:

Back to top of page

Assessing what and when to share

Data types

The type of data will determine your ability to share it. As required by the Code of Practice for Statistics, statistics and data should be published in forms that enable their reuse. You should use existing data wherever possible and only ask for more where justified.

Some forms of data are governed by their own specific legislation and regulations which must be adhered to, even in times of crisis response. Data that are classified as personal, commercial sensitive, or governed by specific data sharing agreements must be handled according to relevant legislation, frameworks, and security procedures. A piece of data may cover multiple types of data for example, both personal data and sensitive data.

The security classification of the data in question will also play an important role in how it can be shared. Individual departmental procedures related to the handling of higher classification information must also be followed in all circumstances.

This refers to information relating to natural persons who can be either:

  • identified (or who are identifiable) directly from the information in question
  • indirectly identified from that information in combination with other information
Sharing considerations

This information must be handled and shared strictly according to UK GDPR and Data Protection Act 2018, a full description of which is outside the scope of this guidance. Most departmental intranets will have tailored guidance on handling personal data which may also cover data ethics principles to be considered. If you are unsure, always contact your department’s Data Protection Officer in first instance.

This refers to data received from an external organisation (government or otherwise) through a specific data sharing agreement or similar arrangement.

Sharing considerations

Explicit permission to share data in crisis scenarios should be sought from the data provider.

This refers to data classified as “SECRET” or “TOP SECRET”, or with a “SENSITIVE” handling instruction.

Sharing considerations

Data must strictly be shared according to its handling instructions and not moved or shared to a system or individual which is not approved to receive it.

This refers to combined and collated information that has been collected in the normal course of business to inform operational delivery, policy development, and the management of organisational performance. Management information is usually based on administrative data, but it can also be a product of survey data.

Sharing considerations

Depending on other sensitivities, management information may be shared internally and between government organisations for specific policy, operational, and managerial purposes. This includes management information that will form the basis of official statistics before they are released (and therefore may be similar to statistics in their final form). The important constraint is to safeguard against the public use of unpublished management information.

This refers to statistics in their final form that have been assured and signed off by the responsible statistician and are ready to be released as part of a scheduled, official statistics publication for open access.

Sharing considerations

Final form official statistics are subject to the Pre-Release Access Order and Code of Practice for Statistics. Statistical producers must restrict access to releases of official statistics before their publication to those persons essential to their production, analysis, and publication or for quality assurance purposes, except in those circumstances governed by the statutory rules on pre-release access.

The Code of Practice allows for changes to pre-announced release dates or times, where agreed by the Head of Profession for Statistics and announced promptly with an explanation for the reasons. Where this may be necessary in responding to an emergency (for example, to allow the statistics to be used in a published statement) then you should discuss this with your HoP.

This refers to statistics that have been quality assured, published and are publicly available.

Sharing considerations

Statistics and data should be published in forms that enable their reuse. Producers should use existing data wherever possible and only ask for more where justified.

Assessing whether you should share

Assessing why you are sharing is just as important as assessing what you are sharing. It must be clear why the data you have is relevant to the emergency at hand or increases capability to respond to a potential crisis, and how sharing it will improve situational understanding. This is important not only to ensure data sharing is proportionate and ethical, but also to avoid overloading users with unnecessary information in a fast-moving environment. Here are some important questions to ask yourself and stakeholders when assessing the need to share:

  • Who is the data being shared with and why?
  • Will this information improve situational awareness of the current emergency?
  • Is it the best source available in the timeframes and circumstances?
  • Does the risk of having less insights for decision making outweigh any risks of sharing?
  • Is the information to be shared proportionate to the need?
  • Have ethical considerations been taken into account?
  • What legal framework applies to the data and how does this influence handling?

Everyone working directly or indirectly with data has a responsibility to ensure that the collection, access, processing, use and storage of data for research and statistical purposes is ethically appropriate. The UK Statistics Authority (UKSA) suggests that ethics are assessed according to the following principles:

  • public good — the use of data has clear benefits for users and serves the public good
  • confidentiality and data security — the data subject’s identity (whether person or organisation) is protected, information is kept confidential and secure, and the issue of consent is considered appropriately
  • methods and quality — the risks and limits of new technologies are considered and there is sufficient human oversight so that methods used are consistent with recognised standards of integrity and quality
  • legal compliance — data used and methods employed are consistent with legal requirements such as Data Protection Legislation, the Human Rights Act 1998, the Statistics and Registration Service Act 2007, and the common law duty
  • public views and engagement — the views of the public are considered in the light of the data used and the perceived benefits of the research
  • transparency — the access, use and sharing of data is transparent, and is communicated clearly and accessibly to the public

In fast paced environments, you may not have the information to hand to make these assessments or be able to speak with all the relevant parties. When deciding on whether to share data, it is vital that you are clear regarding the information that you had to hand and why you made a decision based on that information.

Main learning point

It is important to share data where it might improve understanding or decision-making in a crisis. Handling sensitivities and legislation affecting data sharing must always be followed, even in emergency situations.

Relevant materials

You may find the following resources useful:

Back to top of page

Quality assurance

In emergency scenarios, you may not always be able to carry-out all the quality assurance activities you need to the same standards you would otherwise. However, in a time of crisis, accurate and reliable data is more important than ever. A balance must be struck between the between timeliness and the other dimensions of quality (including accuracy and completeness) of any data produced. Investment in building comprehensive and efficient quality assurance processes during non-crisis periods helps support the response to crises when they occur. Critical datasets can be identified and assessed for data quality and shareability as part of contingency planning before an emergency scenario occurs.

Urgency may also affect outcomes and decisions as the situation evolves, especially if more data is generated. For example, previous quality assurance may not be relevant to the current situation and more assurance may be needed. However, it is important that existing knowledge and assessment of quality and limitations of the data and analysis is leveraged, as appropriate.

Teams should carefully consider the level of assurance they will undertake in consultation with users and only when it is not possible to do otherwise. While a lack of detailed quality assurance should not be a reason to withhold information in crisis scenarios, teams should assure their results as much as possible in the time allotted. Guidance is available to support quality assurance activities under tight time constraints. You can find links to the guidance in the “Relevant materials” section. It is crucial that teams are open about the methods used, the activities and the level of assurance undertaken on both data and analysis (if both are undertaken). Performing a sensitivity analysis allows teams to concentrate their assurance efforts on those areas of the analysis that are likely to have the largest effect or relevance for outputs and decision and that are associated with the greatest risk, including risk of errors or inaccuracies. Also consider which data will affect the most high-profile estimates, and where errors are more likely to mislead or risk the credibility of the analysis.

A consequence of not being able to investigate in depth is that you will have a weaker grasp on the likely limitations of the data. Limitations should be communicated numerically wherever possible and as part of any accompanying narrative or presentation, with a detailed description of limitations, assumptions and uncertainties alongside any data, analysis, or statistics, avoiding over-technical jargon to ensure clarity to all users.

A short paragraph with a description of the analysts’ confidence in the data and results should always be included with results, including concerns about the potential use for decisions. Where applicable, statistics should be given with ranges (preferably confidence intervals if these can be generated) that accurately express the uncertainty in the results. Text should give an indication of the coverage and timing, and the method of measurement and analysis. You should also be transparent about areas you could not investigate in time and express uncertainty about unknown unknowns that may affect the accuracy of data that has had minimal quality assurance. The public interest is best served by the best available information, accompanied by straightforward, clear explanations, published in a timely manner.

Conducting quality assurance need not delay publication or sharing. Quality assurance of methods and inputs can be performed before a single line of code is written. Code written in accordance with best practice builds in quality assurance and validation checks that take moments to run. Good documentation and effective analytical design are time savers and increase resilience.

As soon as the opportunity arises, you should seek feedback from your users and conduct further assurance activities on the data so you can understand where things may have gone wrong, and better understand the limitations, assumptions and uncertainties in past data. This will inform future work.

Main learning point

Quality assurance should be proportionate to the risks associated with the use of the analysis and the time available. While a lack of detailed quality assurance should not be a reason to withhold information in crisis scenarios, teams should assure their results as much as possible in the time allotted and communicate the strengths and limitations of the data in a clear and detailed way.

Relevant materials

You may find the following resources useful:

Back to top of page

Sharing formats and metadata

The Central Digital and Data Office (CDDO) and Data Standards Authority establish and set out the standards that should be adopted across government to make it easier and more effective to share and use data. In crisis scenarios, it will not always be possible or appropriate to follow every aspect of these standards. You will need to assess how to format and describe your data based on the following questions:

  • What is the minimum viable format to allow usage and understanding by the user?
  • Are the risks (to interpretation or otherwise) acceptable in this format?
  • How much additional resource and time will it take to reformat and describe the data?
  • What are the time constraints and user demand for the data?

As a minimum, you should include metadata that gives information about when the data were created, who should be contacted for more information, and any critical usage or quality concerns. Particular care should be taken with fields such as dates which are liable to misinterpretation between systems. Read guidance on representing dates and times in a machine-readable format.

Wherever possible, you should establish preferred pathways and formats for sharing data with teams and departments ahead of time. In addition, make use of machine-readable formats and Application Programming Interfaces (APIs) which not only reduce the risk of human error, but also help make sharing efficient.

Main learning point

Standard formats and metadata help with the efficient usage of data and prevent misinterpretation in fast-paced environments. In crisis scenarios there may be a trade-off between following all cross-government standards and sharing data quickly.

Relevant materials

You may find the following resources useful:

Back to top of page

Accountability and usage controls

The decision for extraordinary sharing and usage of data in crisis scenarios should involve a range of stakeholders, including senior responsible owners and departmental Heads of Profession. Measures should be taken to make clear how and who specific data can and cannot be shared with.

Roles and responsibilities

Data owners

Those holding data are responsible for assessing if and how it is appropriate to share data in crisis scenarios. Analysts should be satisfied with the risk profile of sharing data, and seek advice from their SCS, Heads of Profession, data requestors, security, and other relevant teams where they have any uncertainty or reasonable doubt in the need to share. The most important thing is to act promptly and transparently in all circumstances.

Data requestors

Those requesting data to be shared (in central government or otherwise) have a responsibility to ensure that their request for data is proportionate to the crisis at hand. Data requestors must accept their responsibilities in handling data once it is shared and engage data owners promptly if handling instructions cannot be followed for whatever reason.

Senior leadership

Senior civil servants (SCS) have a responsibility to guide and ensure the effective use of data in crisis scenarios. Each organisation should have a clear senior officer accountable for its analytical activities (usually the Chief Analyst, Director for Analysis, or similar). This senior officer, alongside other relevant SCS should direct extraordinary usage and sharing of their department’s data and engage with other senior leaders where necessary. All SCS (analytical or otherwise) must champion and support the use of evidence to guide effective decisions in crisis events.

Heads of Profession (HoPs)

An organisation’s Head of Profession for Statistics should play a central role in advising on the use of data. For example, decisions may be needed as to whether data are of sufficient quality to support the use being made. Professional analysts are well placed to advise, and to balance the inherent risks. There will also be instances where it is necessary to consult other analytical HoPs (for example, Economics, Social Research, or Operational Research HoPs) depending on the nature of the analysis and data in question. In crisis scenarios, HoPs should be engaged wherever possible, especially when sharing data that is likely to be used publicly.

Controls for internal government usage

Those sharing data must take reasonable measures to control its use and make clear to recipients the handling instructions and sensitivities. Appropriate controls may include:

  • setting up Memorandums of Understanding ahead of time that outline roles and responsibilities of sharing sensitive information between departments
  • labelling data with the correct security or sensitivity marking
  • maintaining a log of those who have received the data, including rationale of why they needed it
  • identifying “responsible owners” within other organisations who agree to monitor proper usage and dissemination within their respective organisations
  • including cover sheets, emails, or documents that clearly outline the sensitivities of the data, the reasons why it has been shared, if it can be shared with anyone else, who it may be shared with, and responsibilities of recipients
  • secure and appropriate transfer mechanisms
  • routine audits
  • retention or deletion of shared data
  • having clear engagement and approval from relevant senior civil servants, HoPs, or both

When sharing unpublished data of any kind it must be clearly noted that the data is not in the public domain, and that it should not be used in public forums without prior approval from the data owner. Any public use of data must follow the principle of equality of access. Should you have any questions or concerns about the sharing of the data, you should speak to the data owner or your departmental Head of Profession.

Controls for sharing with other organisations

Crisis scenarios will often require significant involvement from organisations outside of central government. The Civil Contingencies Act sets out these organisations as:

  • category 1 responders, including emergency services, local authorities, and NHS bodies
  • category 2 responders, including utility and transport companies

Multi-agency partnerships made up of local Category 1 and Category 2 often coordinate crisis-related work. These are referred to as LRFs in England and Wales, Local Regional Resilience Partnerships (LRRPs) in Scotland, and Emergency Preparedness Groups (EPGs) in Northern Ireland. There will be other bodies involved in crisis responses not specifically covered in the Civil Contingencies legislation such as charities and voluntary organisations.

Strong information flows between local organisations and central government are critical to understanding and responding to an unfolding crisis. Organisations should work together according to predetermined structures, for example in adopting the Joint Emergency Services Interoperability Programme (JESIP) Joint Doctrine and through the creation of a Multi-Agency Information Cell (MAIC).

Adopting open data practices as standard will greatly simplify sharing and effective usage of data during crisis events and allow all organisations to draw from the same data. This will improve consistency and comparability. Having more data publicly available as standard for use by local and central government organisations reduces the need to set up bespoke arrangements during crisis and allows for quality concerns to be addressed in a less pressurised environment.

Main learning point

The decision for extraordinary sharing and usage of data in crisis scenarios should involve a range of stakeholders, including senior responsible owners and Heads of Profession. Measures should be taken to make clear how and who data can be share with.

Relevant materials

You may find the following resources useful:

Back to top of page

Public use and transparency

Public usage of data and statistics

Wherever possible, there should be equality of access to the data upon which any public statements are based. Anyone who produces or handles unpublished data is responsible for making it clear that any use in a public forum (including in ministerial or official speeches to inform Parliament or otherwise) should be accompanied by both:

  • a release of the underlying data in an accessible form
  • appropriate explanations of context and sources

The pace of work in crisis scenarios means that close working with the departmental HoP or the Office for Statistics Regulation may be required to avoid any issues relating to equality of access.

It may also sometimes be necessary to make a public statement based on unpublished management information that covers similar ground to a future official statistics release. In cases like these, seek advice from the departmental HoP. The HoP will need to be satisfied that such a use of management information is justified, and that is it will not undermine the planned official statistics release, or broader public trust in official statistics.

Transparency

Transparency is an important part of building trust in statistical information and should guide decisions about the use and release of data and statistics. Adopting open access practices as standard is a good way of improving the quality of our work and the public trust in the statistical system by bringing new perspectives and broader uses of that data to support understanding of the crisis.

Even if data is not being used directly in public statements, the default posture should be transparency and publication. Any data that could be made public should be made public. This supports broader understanding and is paramount where data and methods are being used to inform important decisions that affect the public. The decision to publish will need to be based on the sensitivity of the data at hand. If data or methods are not sensitive, they should be published.

In an enduring crisis, or where a crisis situation transitions into a longer-term priority, data of similar content may need to be regularly published to support public statements and decisions. In these instances, you may wish to consider publishing the data as part of a routine Official Statistics publication.

Any decision to publish data should be taken in consultation with the departmental HoP for statistics, data owners, and any relevant security teams.

Main learning point

Any public use of data should be accompanied by a release of the underlying data in an accessible format. Where appropriate, important data should be routinely published to support public trust in the statistical system.

Relevant materials

You may find the following resources useful:

Back to top of page

The Code of Practice, regulation, and the role of the UKSA

The UK Statistics Authority (UKSA) has the statutory objective to promote and safeguard the production and publication of official statistics that serve public good. While not all types of data shared in crisis scenarios will formally fall under the category of official statistics, such as management information, the principles of serving public good and good practice set out in the Code of Practice for Statistics can still be applied.

In crisis scenarios, data can serve immense public value and good. Making it available to those who need it is consistent with the Code of Practice, provided it is done in a way that maintains public trust in the statistics. Unduly withholding information that could help inform better action in an emergency could limit effective decision making and damage public trust in the government statistical system.

Where official statistics are involved during a crisis, you may need to adapt your usual ways of working. For example, you may need to make changes to pre-announced release dates where necessary. The independence of the statistics remains vital and these decisions should be led by the statisticians and relevant Head of Profession. The Office for Statistics Regulation are on hand to provide advice in line with the Code of Practice where needed.

Relevant materials

You may find the following resources useful:

Back to top of page

How to prepare

Engage with SitCen and other central bodies

SitCen’s function is to support and coordinate cross government data relating to crisis scenarios. Establishing strong relationship with SitCen before crisis events will not only help with the flow of information when crises happen, but will ensure any work being done on preparedness is inclusive and coordinated with wider government. Each Lead Government Department will have a Crisis Data Liaison Officer (DLO) in place to support communication with SitCen. Other departments and agencies are encouraged to join the DLO Network to stay informed of new and developing workstreams.

Be familiar with the risk assessments and how your data may apply

The National Security Risk Assessment (NSRA) and National Risk Register (NRR) assess, compare and prioritise the top national level risks facing the UK. To do this, they concentrate on both the likelihood of the risk occurring and the effect it would have, were it to happen. It is a valuable planning tool to consider scenario planning for analysis against. The Devolved Administrations also have specific country facing documents. Conducting regular stocktakes of analytical holdings against priority risks helps build the data landscape to identify input and gaps should risks materialise.

Clarify roles and responsibilities

Clear governance in crisis scenarios ensure decisions can be made effectively and efficiently. Setting out clear roles to analysts on how to engage Heads of Profession, SCS and others in crisis scenarios helps ensure procedures are followed and risks appropriately managed. Equally, senior figures should be clear on their role in data management during crisis and provide direction to avoid ambiguity.

Understand departmental crisis planning

All departments and organisations will have some form of emergency or business continuity planning. These will likely set out chains of command, governance structures, and prioritisation should different scenarios materialise. These plans will not always incorporate analytical outputs, and it is important to understand how analysis could be produced within these different scenarios.

Develop analytical plans

It is helpful to scenario plan which crisis events would be most likely to benefit from data held by your team or organisation and develop central thinking on how that analysis would be produced. This may include a stocktake of particular relevant or timely data sources, detailing any quality or sharing concerns ahead of time, and having dedicated analytical responders to provide initial support should crises occur.

Adopt open access practices

The International Open Data Charter principles, which the UK Government has formally adopted, sets out how governments can make data available with the technical and legal characteristics necessary for it to be freely used. Having data already assessed, assured, and available in the public domain before a crisis hits greatly reduces the risk of misuse during a crisis event, and eliminates any risk of accidental public usage. Having routine data freely available also frees up important resource in crisis events to concentrate on new analysis that cannot be anticipated.

Build pipelines and agreements

Many types of data will need specific legal and technical pathways to share between organisations. Getting these pathways in place takes time, often far more time than is available when a crisis hits. Work with stakeholders before crisis occur to develop clear access arrangements, ideally using automated means. When acquiring or producing new data, work with providers and producers to understand how and when that data can be shared to meet exceptional need.

Main learning point

Emergency situations are inherently fast paced and pressurised. The best way to effectively mitigate and respond to crises is to prepare before they happen. This includes developing analytical plans and engaging early with central crisis structures.

Relevant materials

You may find the following resources useful:

Back to top of page

Glossary

Acute risk

Time-bound, discrete events, for example a major fire or a terrorist attack. Contrast with “chronic risks”.

Cabinet Office Briefing Rooms (COBR)

The Cabinet Office Briefing Rooms provide the coordination mechanism through which the UK Government responds quickly to emergencies that require decisions urgently (set out in the UK Government’s concept of operations). Ministers and senior officials are brought together in COBR to ensure a common appreciation of the situation and to facilitate effective and timely decision making in responding to domestic and international emergencies affecting UK interests.

Category 1 and 2 Emergency Responder

The Civil Contingencies Act divides those with duties for emergency preparation and response at the local level into two groups (Category 1 and Category 2 responders), each with different duties. Category 1 responders are those at the core of most emergencies and include:

  • the emergency services
  • local authorities
  • some NHS bodies

Category 2 responders are representatives of organisations less likely to be at the heart of emergency planning but who are required to co-operate and share information with other responders to ensure that they are well integrated within wider emergency planning frameworks. They will also be heavily involved in incidents affecting their sector. Category 2 organisations include:

  • the Health and Safety Executive
  • Highways Agency
  • transport companies
  • utility companies

Chronic risk

Continuous challenges which gradually erode our economy, community, way of life or national security (for example, money laundering or antimicrobial resistance). Contrast with Acute risks.

Civil contingencies

Planning and preparation for events or incidents with the potential to impact ordinary citizens and their interests.

Civil Contingencies Act (CCA) 2004

The framework for civil protection in the UK. The CCA identifies and establishes a clear set of roles and responsibilities for those involved in emergency preparation and response at the local level. It also allows for the making of temporary special legislation (emergency regulations) to help deal with the most serious of emergencies.

Crisis

An event or series of events that represents a critical threat to the health, safety, security, or well-being of a community or other large group of people usually over a wider area.

Emergency

An emergency is defined as either:

  • an event or situation which threatens serious damage to human welfare, or to the environment
  • war, or terrorism, which threatens serious damage to security

Local Resilience Forum (LRF)

LRFs are multi-agency partnerships made up of representatives from local public services, including the emergency services, local authorities, the NHS, the Environment Agency and other organisations involved in emergency preparedness. These agencies are known as Category 1 and 2 Responders (except in Northern Ireland), as defined by the Civil Contingencies Act. The CCA and the Regulations provide that responders, through the Local Resilience Forum, have a collective responsibility to plan, prepare and communicate in a multi-agency environment.

National Security Risk Assessment (NSRA)

The NSRA assesses, compares and prioritises the top national level risks facing the UK, outlining both the likelihood of the risk occurring and the effect it would have, if it were to happen. It is the main tool for assessing the most serious civil contingencies risks facing the UK.

National Situation Centre (SitCen)

The National Situation Centre (SitCen) was established in 2021 to bring data, analysis and expertise together for crisis management. SitCen works closely with the COBR Unit are the main mechanism through which data and analytical insights are brought together and presented to decision makers in emergency scenarios.

National Risk Register (NRR)

The NRR is the publicly available counterpart of the NSRA, aimed at providing detailed information for those with formal contingency planning responsibilities at a national and local level.

Northern Ireland Emergency Preparedness Group

The Northern Ireland Emergency Preparedness Group, is a SubGroup of Civil Contingencies Group (NI) and oversees the work of the three Emergency Preparedness Groups at the local level and acts as a conduit to escalate issues to the strategic level.

Regional Resilience Partnership (in Scotland)

Resilience in Scotland is delivered through three Regional Resilience Partnerships which are established by regulation. They work with twelve Local Resilience Forums Partnerships.

Resilience

The UK’s ability to anticipate, assess, prevent, mitigate, respond to, and recover from natural hazards, deliberate attacks, geopolitical instability, disease outbreaks, and other disruptive events, civil emergencies, or threats to our way of life.

Risk

An event, person or object which could cause loss of life or injury, damage to infrastructure, social and economic disruption, or environment degradation. The severity of a risk is assessed as a combination of its potential impact and its likelihood. The Government subdivides risks into hazards and threats.

Scottish Risk Assessment (SRA)

The SRA, produced by Scottish Government (Resilience Division), is designed to supplement the UK Government’s NSRA by providing the Scottish context for NSRA risks where Scotland would be affected differently to the rest of the UK. SRA 2023 covers 15 risk assessments.

Back to top of page
  • If you would like us to get in touch with you then please leave your contact details or email Analysis.Function@ons.gov.uk directly.
  • This field is for validation purposes and should be left unchanged.