Below are examples of potentially harmful impacts to people, organisations and society, and mitigating actions that could be taken.
Stakeholder impacted
Individuals
Type of risk
Wellbeing/ safety/ autonomy
Potentially harmful impact(s)
Denied service based on health data
Discriminated against or stigmatised
Publicly exposed/ attacked
Potential mitigating actions
Stakeholder impacted
Your organisation
Type of risk
Data breach
Potentially harmful impact(s)
Fined for non-compliance with laws or regulations
Potential mitigating actions
Strong data governance framework (see the play ‘how to implement a data governance framework’)
Stakeholder impacted
Your organisation
Type of risk
Brand reputation and loss of trust, eg through sharing personal data when you shouldn’t
Potentially harmful impact(s)
Individuals unwilling to share data with you in future or participate in your health data activities
Reduced willingness of partners to work with you
Potential mitigating actions
Stakeholder impacted
Communities, eg vulnerable groups facing health burden
Type of risk
Inequitable value distribution
Potentially harmful impact(s)
Widening of health inequalities
Potential mitigating actions