Logging and recording during a crisis


Recent news reporting of the various inquiries into the UK, Scotland and Wales responses to COVID has highlighted a significant gap in the capturing of all correspondence relating to the management of the crisis due to the deletion of WhatsApp messages.

Yousaf denies misleading parliament over WhatsApps – BBC News

Boris Johnson says WhatsApps for Covid inquiry recovered – BBC News

Covid inquiry: Welsh government WhatsApps may have been deleted – BBC News

The advent of multiple communications channels from online meeting platforms such as Zoom and Microsoft Teams, through to messaging apps such as WhatsApp, Slack and Signal mean that the role of the log keeper in any response is far more complex than it was ten years ago and this situation will continue as new communications methods are added to the mix.  The one element that remains constant is what every resilience training course or exercise I have ever attended mentions at some point – the need to capture data.  This data capture must be comprehensive for two reasons:

  • So that it can be analysed and the conclusions presented to the Crisis Team so they have sufficient situational awareness to make the best and most appropriate decisions possible at the time.
  • So that the subsequent inquiry or investigation (whether internal or external) can review the response and identify learnings in order to enable continuous improvement. 

Bearing this in mind, ie that every crisis team member in any competent Crisis or Continuity Team knows that there could be an investigation and that all records will be required, it is incredible that the leaders of the UK response to the COVID pandemic both political and civil servant, were not aware of this requirement nor were they informed of the need by the appropriate legal advisors.

However, it is not my place to retrospectively judge the decision making capability of the COVID response but as a resilience professional, it is my role to share observations to enable learning and as a result, here are three take-aways for consideration:

  1. Coordinated activity.  If there are non-approved message channels being used, with potentially informal distribution lists, there is a real risk of mixed messages and uncoordinated activity.  With poor coordination comes the risk for delayed action or of wasted resources.  As a business, we all strive for efficiency but in a crisis, it could save lives and your reputation.
  2. Reputational harm.  The public has a natural interest in news about an emergency or a crisis, and the media have a need to feed stories into the 24/7 news system.  As a result, it should be expected that a major inquiry will be reported, and if an organisation or business cannot provide evidence of why they acted in a certain way, their reputation will be damaged to their customers, investors and employees.
  3. Unnecessary costs.  The recovery of deleted data is an expensive activity.  The additional legal activity required to justify why data isn’t available or why actions were or weren’t taken when only a particle record is available will be an additional expense, just at the moment that cash flow might be challenged post-crisis.

So what?

As you develop your Crisis Management Plans, Emergency Response Plans, Business Continuity Plan or Disaster Recovery Plan, bear in mind that your decisions in the midst of the crisis must be defendable.  Whether that is to families, investors or insurers, all of them will want the full evidence. Wouldn’t it be a better investment to plan in advance and to train your teams on what is required than to potentially pay far more in fines, compensation and a tarnished reputation?

Subscribe To Our Newsletter
Sign up with your email address to receive news and updates