IP-PGN-14 Part of NTW(O)05 Incident Policy
|
|
- Aubrey Bradley
- 8 years ago
- Views:
Transcription
1 Incident Policy Practice Guidance Note Information Governance Incident Reporting Management V01 Date Issued Planned Review PGN No: Issue 1 October 2014 October 2017 IP-PGN-14 Part of NTW(O)05 Incident Policy Author / Designation Responsible Officer / Designation Information Governance Risk and Compliance Manager Executive Director of Performance and Assurance Contents Section Description Page No. 1 Introduction 1 2 Identifying Information Governance Incidents 1 3 Flowchart showing Information Governance Incident Reporting and Review Process during Normal Working 2 Hours 4 Reporting of Information Governance Incidents 3 5 Information Governance Incidents where further Investigation is required 4 6 Incident Management Group 6 7 Rating of Information Governance Serious Incidents 7 8 Information Governance Incidents rated Level 2 and above 8 9 Information Governance incidents rated Level 1 and below 8 Appendices listed separate to PGN Appendix 1 Appendix 2 Appendix 3 Appendix 4 Appendix 5 Appendix 6 Appendix 7 Serious Incidents Requiring Investigation Breach Types Defined Guidance Notes for Completing IR1 Form Template for Non-clinical Incidents Serious Incident Review Report Proforma Template for Assessing the Severity of IG Incidents Serious Incident Review Action Plan Template Table 1 Template Level 2 IG SIRI s Annual Report Table 2 Template Level 1 IG SIRI s Annual Report
2 1 Introduction 1.1 All Health, Public Health and Adult Social Care services must ensure that all Information Governance Serious Incidents Requiring Investigation (IG SIRI s) are reported and handled effectively. 1.2 From 1st June, 2013 the organisations which process health and adult social care personal data are required to grade all IG SIRI s using the criteria implemented by the HSCIC. All IG SIRI s graded Level 2 and above must be reported through the IG Toolkit Incident Reporting Tool. This information will then be accessed by Department of Health, Information Commissioners Office (ICO) and other regulators. 1.3 To assist and support organisations with this process, guidance has been issued by the Health and Social Care Information Centre (HSCIC). 1.4 The content of this Practice Guidance Note reflects the guidance issued by the HSCIC and the purpose of this Practice Guidance Note is to inform Trust staff on how all Information Governance Incidents should be reported and handled within the new framework. 2 Identifying Information Governance Incidents 2.1 There is no simple definition of an Information Governance (IG) Incident. IG Incidents will involve service user / carer / staff or third party information held on various media such as paper, computers, digital recordings and images. Serious IG Incidents may clearly be identifiable from the outset because of the type of breach, but the severity of some incidents may not be fully established until further investigation work has been carried out. 2.2 As a guide, an IG Incident can be: Any incident which involves actual or potential failure to meet the requirements of the Data Protection Act 1998 and / or the Common Law of Confidentiality; This includes an unlawful disclosure or misuse of confidential data, recording or sharing of inaccurate data, information security breaches and inappropriate invasion of people s privacy; Such personal data breaches which could lead to identity fraud or have other significant impact on individuals; Applies irrespective of the media involved and includes both electronic media and paper records. 2.3 A full list of breach types and examples can be found as Appendix 1 in this Practice Guidance Note. If staff need any assistance in identifying a IG breach they should contact the IG or the Caldicott Teams for advice. 2.4 However if a breach occurs and there is uncertainty that it is an IG Incident, the service should contact the IG Team / Caldicott and Legal Affairs Team for advice and support. 1
3 3 The following Flowchart shows the Reporting and Review Process for Information Governance Incidents during Normal Working Hours Reporting of Information Governance Incidents. 4 Reporting of Information Governance Incidents 4.1 Once an incident has occurred and the situation stabilised, the incident should be reported in line with the IP-PGN-01 Incident Reporting and Management by the Service where it occurred. The Service / Directorate 2
4 Manager should contact the Information Governance (IG) Team or the Caldicott and Legal Affairs Team for advice and support. 4.2 The Service / Directorate Manager should complete an IR1 Form and submit it to the Safety Team for inputting into the Safeguard Risk Management System. The IR1 should contain all following information: Details of the person affected; Nature of the incident; Nature of information involved. (i.e. Clinical appointment letter etc.); Number of persons potentially affected. (i.e. Service Users / carers / Staff, etc.); What remedial action has been taken?; If a document / letter has been sent to the incorrect recipient what steps have been taken to retrieve it? 4.3 The IR1 should also describe what remedial action was taken to reduce the impact of the breach and what action will be taken to ensure it does not occur again. The IR1 should contain all following information: Steps taken to notify persons potentially affected. (i.e. Apology given); Details of any after action review whether informal or formal; What procedures have been put in place to ensure type of incident does not reoccur; How has this action been communicated to the relevant people?; Is there an HR process being instigated / implemented?, 4.4 It is of vital importance that the correct information is completed on the IR1 Form as it is the basis of the investigation work carried out by the IG Team and may impact on the rating of the incident under the HSCIC Guidance. Please refer to Appendix 2, Guidance for the Completion of the IR1 Form. 4.5 If the breach has resulted in person identifiable information being sent to the wrong individual, then all efforts must be taken by the Service / Directorate to ensure that the information is retrieved. 4.6 In all incidents where personal information has been breached then the person affected, should be contacted by the Service / Directorate, informing them of the breach, an apology given and provided with details of how to make a complaint through the Trust s complaints process. 3
5 4.7 If, however, the disclosure of the breach would have an adverse effect on the person concerned, then a clinical decision to withhold the information may be taken. However, this should be documented clearly in the patient s records and clear justification must be given for the patient not being informed. 4.8 Once the incident has been reported it is assigned an incident number from the Safeguard Risk Management System and any further information collected should be entered onto that system. The incident will then appear on the Information Governance Weekly Report Open Cases and the Information Governance Detailed Daily Report. 4.9 The IG Team will go into the Safeguard Risk Management System and add in any additional information about the incident they have collected. Based on the information provided, the Team will then provide an initial grading of the impact of the incident following the rating process identified in the HSCIC Guidance to the IG Incident Management Group. (Under Section 7). 5 Information Governance (IG) Incidents where further Investigation is required 5.1 All IG Incidents will be categorised depending on their severity on what level of investigation is required. 5.2 The categories of investigation are as follows: Full Serious Incident Investigation; Formal After Action Review; Team After Action Review. 5.3 All IG Incidents should have either an informal (Team / Department) or formal review of the circumstances around the issue and what steps should be taken to reduce the risk of reoccurrence. 5.4 Some reviews will take the format of an after action review (AAR) and others will have the corrective actions recorded on the IR1. This depends on the severity of the IG Incident. The process entails discussing an IG Incident and recording what actions should be taken by looking at the following: What happened?; Why did it happen?; What went well?; What needs improvement?; What lessons can be learned from the experience. 4
6 5.5 Full Serious Incident Investigation. (Information Governance Incidents) Where a serious IG Incident has occurred then the process for serious incidents should be followed. There are differences to the documents completed due to the nature of IG Incidents but overall the process is the same The Medical Director (Caldicott) and the Executive Director of Performance and Assurance (SIRO) will assign an Investigating Officer to look into the circumstances around the IG Incident. The Investigating Officer should ensure that the investigation is completed within 30 working days The Investigating Officer will also be responsible for collecting witness statements, facilitating the After Action Review (within 10 days) and summarising all the information received into the final Report. The template for the Report is attached as Appendix The completed Serious Incident Review Report should be forwarded to the Directorate Manager and Safety Team for quality checking and signature prior to submission to Incident and Claims Department for the Incident Review Panel. An electronic copy of all the information gathered should be forwarded to the Incident and Claims Department to be attached to the Electronic Incident Record. If this is not possible, Incident and Claims will scan the documents, when they receive them from the Investigating Officer The Incident and Claims Department will construct a Serious Incident Investigation Electronic File for the office and send an electronic pack to the appointed Investigating Officer and relevant people involved in the investigation. The Investigating Officer will be notified of the date of the Serious Incident Review Panel and when papers are due with Incident and Claims The Incident and Claims Department will report the incident on the Strategic Executive Information System (STEIS) to inform the Commissioners / Clinical Commissioning Groups. 5.6 Serious Incident Review Panel In the case of Serious Incidents (SI s) Review Panel for an IG Incident the panel should include members with an Information Governance background as well as clinical and operational representation Therefore the Panel should contain at least three members of the IG Incident Management Group The Panel will consider the Investigating Officers Report and ask questions where issues need clarification. The Panel will also agree the actions recommended by the Investigating Officer on their Report and if necessary add additional actions. 5
7 5.6.4 The Action Plan should be finalised at the Serious Incident Review Meeting and timescales set against the actions for completion. The template for the Action Plan is attached as Appendix 4. 6 Information Governance (IG) Incident Management Group 6.1 The IG Incident Management Group Members include but are not limited to the following: Executive Director of Performance and Assurance (Chair); Director of Informatics; Head of Safety / Patient Experience; Caldicott and Legal Affairs Lead; IG Risk and Compliance Manager; Representative from Human Resources. 6.2 The Information Governance Incident Management Group meets on a fortnightly basis to look at all IG Incidents and update on what actions have been taken to resolve those incidents. 6.3 The Group will also discuss Action Plans from Serious Incident Reviews and map progress of open actions. Clinical Group IG Incident Action Plans will be signed off by the clinical Q and P Group. IG Incidents which do not report to a Q and P Group will be signed off by the appropriate Senior Manager. (For example, Medical, Finance, Performance, Workforce). 6
8 6.4 Once an action has been completed the Incidents and Claims Department will update the Action Plan. Once all actions have been completed it will be signed off by the appropriate group / Senior Manager and the IG Incident will be closed by the IG Incident Management Group. 6.5 The Group receive a weekly report which shows the IG Incidents which have occurred and are still open. Each Incident is discussed and where necessary a Case Manager is assigned from the Group to investigate further the circumstances surrounding the IG Incident. 6.6 The Case Manager will feedback any further information in relation to the IG Incident to the Group. The Group will then decide if any further action needs to be taken or to close the incident. 6.7 The Incident Group will also use the above information provided by the Case Manager to re-evaluate the rating of each IG Incident initially scored by the IG Team. (Under 4.9). 6.8 Once the final ratings of the IG Incidents has been agreed by the Incident Management Group, it will be then sent to the next Senior Management Team (SMT) Meeting for approval. 6.9 Further information in relation to IG Incidents rated Level 2 and above will be provided to SMT for approval prior to submission on the Information Governance Toolkit by the IG Team Once the final ratings have been ratified by the SMT, the Level 2 and above Incidents will be uploaded onto the Information Governance Toolkit under the Incident Reporting Tool by the IG Team All IG incidents rated Level 1 will be reported in the Trust s Annual Report. 7 Rating of Information Governance Serious Incidents Requiring Investigation (IG SIRI) 7.1 The IG SIRI category is determined by the context, scale and sensitivity of the Incident. Every Incident can be categorised as: Level 1 Confirmed IG SIRI but no need to report to ICO, DH and other central bodies; Level 2 Confirmed IG SIRI that must be reported to ICO, DH and other central bodies. 7.2 A further category of IG SIRI is also possible and should be used in Incident Closure where it is determined that it was a near miss or the Incident is found to have been mistakenly reported: Level 0 Near miss / non-event. 7.3 Where an IG SIRI has found not to have occurred or severity is reduced due to fortunate events which were not part of pre-planned controls this 7
9 should be recorded as a near miss to enable lessons learned activities to take place and appropriate recording of the event. 7.4 The initial grading of the incident may change once all the facts of the incident have been established. 7.5 The Checklist Template to produce the appropriate rating for each incident is attached to this document as Appendix Guidance on how complete the grading can be found by clicking on the following link: g%20tool%20publication%20statement_final_v2%200.pdf 8 Information Governance Incidents (IG SIRI) rated Level 2 and above 8.1 Once an IG SIRI rating has been assessed and approved as level 2 or above by the Senior Management Team, the IG team will then upload the information on to the IG Incident Reporting Tool through the IG Toolkit. 8.2 Guidance on how to upload the information on to the IG Incident Reporting tool can be found by clicking on the following link: ool%20user%20guide.pdf 8.3 Detailed definitions and examples of breach types are attached as Appendix The HSCIC guidance also states that Incidents classified at an IG SIRI severity Level 2 need to be detailed individually in the annual report in the format provided as Table 1 attached as Appendix All reported incidents relating to the period in question should be reported, whether they are open or closed incidents. 9 Information Governance Incidents (IG SIRI) rated Level 1 and below 9.1 If an IG SIRI rating has been assessed and approved as Level 1 or below, this does not have to be reported through the IG Toolkit. 9.2 IG SIRI s rated Level 1 and below would be reported using Table 2 in Appendix 7 within the Trust s Annual Report. 8
Standard Operating Procedure for the Management of Information Governance Serious Incidents Requiring Investigation (IG SIRI)
Standard Operating Procedure for the Management of Information Governance Serious Incidents Requiring Investigation (IG SIRI) DOCUMENT CONTROL: Version: V1 Ratified by: Risk Management Sub Group Date ratified:
More informationInformation Incident Management and Reporting Procedures
` Information Incident Management and Reporting Procedures Compliance with all CCG policies, procedures, protocols, guidelines, guidance and standards is a condition of employment. Breach of policy may
More informationInformation Incident Management and Reporting Procedures
Information Incident Management and Reporting Procedures Compliance with all policies, procedures, protocols, guidelines, guidance and standards is a condition of employment. Breach of policy may result
More informationPolicy: IG01. Information Governance Incident Reporting Policy. n/a. Date ratified: 16 th April 2014
Policy: IG01 Information Governance Incident Reporting Policy Version: IG01/01 Ratified by: Trust Management Team Date ratified: 16 th April 2014 Title of Author: Head of Governance Title of responsible
More informationInformation Incident Management. and Reporting Policy
Information Incident Management and Reporting Policy Policy ID IG10 Version: 1 Date ratified by Governing Body 21/3/2014 Author South CSU Date issued: 21/3/2014 Last review date: N/A Next review date:
More informationManagement Of CCG Incidents
Corporate CCG CO08 Incident Reporting and Management Policy Version Number Date Issued Review Date V2: 03/02/2015 25/03/2015 01/04/2018 Prepared By: Julie Rutherford, Senior Governance Officer, NECS Consultation
More informationInformation Governance Serious Incident Requiring Investigation Policy and Procedure
Information Governance Serious Incident Requiring Investigation Policy and Procedure Document Control Sheet Name of document: Information Governance Serious Incident Requiring Investigation (SIRI) Policy
More informationData Protection Breach Reporting Procedure
Central Bedfordshire Council www.centralbedfordshire.gov.uk Data Protection Breach Reporting Procedure October 2015 Security Classification: Not Protected 1 Approval History Version No Approved by Approval
More informationChecklist Guidance for Reporting, Managing and Investigating Information Governance and Cyber Security Serious Incidents Requiring Investigation
Checklist Guidance for Reporting, Managing and Investigating Information Governance and Cyber Security Serious Incidents Requiring Investigation Applicable to all organisations processing Health, Public
More informationPolicy Name. Completed
` Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CO07: INCIDENT REPORTING AND MANAGEMENT POLICY Status Committee approved by Approved Management
More informationChecklist Guidance for Reporting, Managing and Investigating Information Governance Serious Incidents Requiring Investigation (IG SIRI)
Checklist Guidance for Reporting, Managing and Investigating Information Governance Serious Incidents Requiring Investigation (IG SIRI) Applicable to all organisations processing Health, Public Health
More informationCCG C008 Incident Management Policy
CCG C008 Incident Management Policy Ratified March 2015 This is a corporate policy which outlines the Incident Reporting and Management Framework for Status Hartlepool and Stockton-On-Tees CCG. Issued
More informationPCT Incident Reporting and Management Policy
Corporate Incident Reporting and Management Policy Version Number Date Issued Review Date V2 10/02//2015 10/02/2016 Prepared By: Consultation Process: Julie Rutherford Governance Team, NECs Clinical Quality
More informationNHS Waltham Forest Clinical Commissioning Group Information Governance Strategy
NHS Waltham Forest Clinical Commissioning Group Governance Strategy Author: Zeb Alam, CCG IG Lead, (NELCSU) David Pearce, Head of Governance, WFCCG Version 3.0 Amendments to Version 2.1 Annual Review Reference
More informationInformation Governance Policy
Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date
More informationProcess for reporting and learning from serious incidents requiring investigation
Process for reporting and learning from serious incidents requiring investigation Date: 9 March 2012 NHS South of England Process for reporting and learning from serious incidents requiring investigation
More informationPolicy: D9 Data Quality Policy
Policy: D9 Data Quality Policy Version: D9/02 Ratified by: Trust Management Team Date ratified: 16 th October 2013 Title of Author: Head of Knowledge Management Title of responsible Director Director of
More informationInformation Governance Standards in Relation to Third Party Suppliers and Contractors
Information Governance Standards in Relation to Third Party Suppliers and Contractors Document Summary Ensure staff members are aware of the standards that should be in place when considering engaging
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):
More informationInformation Governance and Data Protection Policy
Information Governance and Data Protection Policy Page 1 of 21 Document Control Sheet Name of document: Version: Owner: File location / Filename: Information Governance and Data Protection Policy Final
More informationFurther to reports to EAG in February and March 2014, the purpose of this report is to;
Report to: Trust Board of Directors Date of Meeting: 29 May 2014 Report Title: Annual Information Governance Report 13/14 Status: Mark relevant box with X Prepared by: Executive Sponsor (presenting): Appendices
More informationINFORMATION GOVERNANCE HANDBOOK
INFORMATION GOVERNANCE HANDBOOK SECTION ONE Author Tracey Burrows Role Information Governance Manager (CSCSU) Date / Version February 2015 Version FINAL V1.0 Approved by IM&T Board Date 27 February 2015
More informationInformation Governance Strategy. Version No 2.1
Livewell Southwest Information Governance Strategy Version No 2.1 Notice to staff using a paper copy of this guidance. The policies and procedures page of LSW Intranet holds the most recent version of
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Page 1 of 46 Policy Title: Executive Summary: Information Governance Policy This policy seeks to identify the actions required to ensure that information is appropriately
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Version: 3.2 Authorisation Committee: Date of Authorisation: May 2014 Ratification Committee Level 1 documents): Date of Ratification Level 1 documents): Signature of ratifying
More informationNEWLY CREATED / REVISED POSTS JOB MATCHING POLICY AND PROCEDURE
YMDDIRIEDOLAETH GIG CEREDIGION A CHANOLBARTH CYMRU CEREDIGION AND MID WALES NHS TRUST NEWLY CREATED / REVISED POSTS JOB MATCHING POLICY AND PROCEDURE Author Director of Human Resources Equality impact
More informationInformation Governance Policy
Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September
More informationNHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT
NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT 9.7 Date of the meeting 15/07/2015 Author Sponsoring Clinician Purpose of Report Recommendation J Green - Head
More informationInformation Governance Strategy. Version No 2.0
Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent
More informationPOLICY & PROCEDURE FOR THE MANAGEMENT OF SERIOUS INCIDENTS
POLICY & PROCEDURE FOR THE MANAGEMENT OF SERIOUS INCIDENTS APPROVED BY: South Gloucestershire Clinical Commissioning Group Quality and Governance Committee DATE August 2015 Date of Issue: August 2015 Version
More informationIncident Reporting Procedure
Incident Reporting Procedure Version: Version 1 Ratified by: HEE Board Date ratified: 20 March 2014 Name and Title of Mike Jones, Corporate Secretary originator/author(s): Name of responsible Director:
More informationChecklist Guidance for Reporting, Managing and Investigating Information Governance Serious Incidents Requiring Investigation
Checklist Guidance for Reporting, Managing and Investigating Information Governance Serious Incidents Requiring Investigation 1 st June 2013 Version 2.0 Revision History Version Date Summary of Changes
More informationNHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety
More informationNHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing
More informationInformation Governance Strategy 2015/16
Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal
More informationINFORMATION GOVERNANCE STRATEGY
INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying
More informationINFORMATION GOVERNANCE AND DATA PROTECTION POLICY
INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy
More informationIncident Management Policy and Guidance
This document is uncontrolled once printed. Please check on the intranet for the most up to date version. Incident Management Policy and Guidance Includes Serious Incident Management Our Mission is to
More informationA Question of Balance
A Question of Balance Independent Assurance of Information Governance Returns Audit Requirement Sheets Contents Scope 4 How to use the audit requirement sheets 4 Evidence 5 Sources of assurance 5 What
More informationInformation Governance Strategy
Information Governance Strategy To whom this document applies: All Trust staff, including agency and contractors Procedural Documents Approval Committee Issue Date: January 2010 Version 1 Document reference:
More informationINFORMATION RISK MANAGEMENT POLICY
INFORMATION RISK MANAGEMENT POLICY DOCUMENT CONTROL: Version: 1 Ratified by: Steering Group / Risk Management Sub Group Date ratified: 21 November 2012 Name of originator/author: Manager Name of responsible
More informationMaking Experiences Count Procedure
Making Experiences Count Procedure When a mistake happens, it is important to acknowledge it, put things right quickly and learn from the experience. Listening, Responding, Improving A guide to better
More informationInformation Governance Strategy Includes Information risk & incident management methodology
Version 2.0 LOGOLOGO Information Governance Strategy Includes Information risk & incident management methodology Approved by: Quality & Governance Committee Ratification date: May 2014 Review date: May
More informationIncident Reporting and Management Policy
Incident Reporting and Management Policy Ratified Governance & Risk Committee Status Final Issued 10/02/2015 Approved By Consultation Equality Impact Assessment Distribution All Staff Date Amended
More informationInformation Governance Policy
Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version
More informationDate: 30 th May 2013. Agenda Item: 5.5. Ian Mackenzie Director of Information and Estates REPORT AUTHOR:
TRUST BOARD IN PUBLIC Date: 30 th May 2013 Agenda Item: 5.5 REPORT TITLE: Information Governance Annual Report EXECUTIVE SPONSOR: Ian Mackenzie Director of Information and Estates REPORT AUTHOR: Sarah
More informationInformation Governance Management Framework
Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title
More informationCorporate Governance, Assurance & Risk Manager. Governance and Assurance Committee. Three yearly, unless guidance or circumstances change.
Document reference code: Title: Developed by: Document type: Policy library: Sub Section: Document status: Date of ratification: Ratified By: Date to be reviewed: Incident Management policy Corporate Governance,
More informationInformation Governance Strategy
Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version
More informationInformation Governance Policy
Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath
More informationInformation Governance Strategy Includes Information risk & incident management methodology
Version 3.0 LOGOLOGO Information Governance Strategy Includes Information risk & incident management methodology Approved by: Quality Assurance Group Ratification date: March 2015 Review date: March 2016
More informationPatient Online Services in Primary Care
Patient Online Services in Primary Care Good Practice Guidance on Identity Verification NHS England INFORMATION READER BOX Directorate Medical Commissioning Operations Patients and Information Nursing
More informationNHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Final No impact Document Ratified/Approved By Hartlepool
More informationINFORMATION GOVERNANCE POLICY
Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):
More informationInformation security incident reporting procedure
Information security incident reporting procedure Responsible Officer Author Date effective from 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended
More informationInformation Governance Strategy
Policy No: IG01 Version: 3.0 Name of Policy: Information Governance Strategy Effective From: 02/06/2015 Date Ratified 06/05/2015 Ratified Health Informatics Assurance Group (HIAG) Review Date 01/05/2017
More informationINFORMATION GOVERNANCE POLICY (INCORPORATING INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK)
Ref No: IN-101 INFORMATION GOVERNANCE POLICY (INCORPORATING INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK) AREA: POLICY SPONSOR: Trust Wide Director of Finance IMPLEMENTED: October 2009 REVISED: June 2011
More informationIncident reporting procedure
Incident reporting procedure Number: THCCGCG0045 Version: V0d1 Executive Summary All incidents must be reported. This should be done as soon as practicable after the incident has been identified to ensure
More informationData Security Breach Management Procedure
Academic Services Data Security Breach Management Procedure Document Reference: Data Breach Procedure 1.1 Document Type: Document Status: Document Owner: Review Period: Procedure v1.0 Approved by ISSG
More informationPolicies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1
Policies for: Information Governance Information Quality Information Management Information Security Approved by: None this version Date approved: Name of originator/author: Ade Oduntan, Mike Hellier,
More informationJOB DESCRIPTION. Information Governance Manager
JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure
More informationSecurity Incident Policy
Organisation Title Author Owner Protective Marking Somerset County Council Security Incident Policy Peter Grogan Information Governance Manager Unclassified POLICY ON A PAGE Somerset County Council will
More informationBHR CCGs Procedure for Managing Information Governance/Information Security Related Incidents
BHR CCGs Procedure for Managing Information Governance/Information Security Related Incidents Version Description of Change(s) Reason for Author Date Change 0.1 Draft Created Initial Draft R Lavender 30/09/2013
More informationRISK MANAGEMENT STRATEGY 2014-17
RISK MANAGEMENT STRATEGY 2014-17 DOCUMENT NO: Lead author/initiator(s): Contact email address: Developed by: Approved by: DN128 Head of Quality Performance Julia.sirett@ccs.nhs.uk Quality Performance Team
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationHOW TO; Report a Serious Incident Requiring Investigation (SIRI) or a Significant Event (SEA) to the Surrey and Sussex Area Team
HOW TO; Report a Serious Incident Requiring Investigation (SIRI) or a Significant Event (SEA) to the Surrey and Sussex Area Team Quality & Safety Team, Nursing Directorate. HOW TO. Report a serious incident
More informationCOMPLAINTS POLICY AND PROCEDURE TWC7
COMPLAINTS POLICY AND PROCEDURE TWC7 Version: 3.0 Ratified by: Complaints Group Date ratified: July 2011 Name of originator/author: Name of responsible committee/ individual: Date issued: July 2011 Review
More informationNew v1.0 Date: November 2015 Sarah Hankey - Risk & Claims Manager. Liz Lockett - Associate Director of Quality & Risk
Corporate Incident Reporting: Standard Operating Procedure Document Control Summary Status: Version: Author/Title: Owner/Title: Approved by: Ratified: Related Trust Strategy and/or Strategic Aims Implementation
More informationRisk Management Policy
Risk Management Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from December 2008 Date last amended December 2012
More informationType of change. V02 Review Feb 13. V02.1 Update Jun 14 Section 6 NPSAS Alerts
Document Title Reference Number Lead Officer Author(s) (name and designation) Ratified By Central Alerting System (CAS) Policy NTW(O)17 Medical Director Tony Gray Head of Safety and Patient Experience
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:
More informationINFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK
INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic
More informationUNIVERSITY HOSPITALS OF LEICESTER NHS TRUST
UNIVERSITY HOSPITALS OF LEICESTER NHS TRUST CLINICAL NEGLIGENCE, PERSONAL INJURY, AND PROPERTY CLAIMS HANDLING POLICY APPROVED BY: THE TRUST BOARD DATE: 6 TH JUNE 2002 REVIEW: ORIGINATOR: ANNUALLY MICHAEL
More informationTrust Board Report. Review of the effectiveness of the IM&T Committee
1. Introduction Trust Board Report Review of the effectiveness of the The meets every eight weeks, with a specific responsibility for governance, strategic direction, approval and direction of developments
More informationTrust Informatics Policy. Information Governance. Information Governance Policy
Trust Informatics Policy Information Governance Policy Reference: TIP/IG/IGP I:\IG\IGM\IGT\March 2011\Document Library\Policies\Approved/ - 1 Document Control Policy Title Author/Contact Document Reference
More informationPrivacy and Electronic Communications Regulations
ICO lo Notification of PECR security breaches Privacy and Electronic Communications Regulations Contents Introduction... 2 Overview... 2 Relevant security breaches... 3 What is a service provider?... 3
More informationDean Bank Primary and Nursery School. Data Protection Policy
Dean Bank Primary and Nursery School Data Protection Policy January 2015 Data Protection Policy Dean Bank Primary and Nursery School handles increasing amounts of personal information and have a statutory
More informationIncident & Serious Incident Policy/Procedure
Incident & Serious Incident Policy/Procedure 1 SUMMARY This policy and procedure details the approved requirements for the identification, notification, investigation, action planning/ implementation,
More informationOnce more unto the breach... Dealing with Personal Data Security Breaches. Helen Williamson Information Governance Officer
Once more unto the breach... Dealing with Personal Data Security Breaches Helen Williamson Information Governance Officer Aims of the session What are we going to look at? What is a data security breach?
More informationNIGB. Information Governance Untoward Incident Reporting and Management Advice for Local Authorities
Information Governance Untoward Incident Reporting and Management Advice for Local Authorities March 2013 Contents Page 1. The Role of the NIGB.....3 2. Introduction...4 3. Background Information...6 4.
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval
More informationPOLICY CONTROL DOCUMENT - 2
POLICY CONTROL DOCUMENT - 2 NUMBER OF PAGES (EXCLUDING APPENDICES) 8 SUMMARY OF REVISIONS: 22 nd December 2011 Sections removed from policy and placed as Appendix which include the following: Responsibilities
More informationGUIDANCE FOR RESPONDING TO COMPLAINTS. Director of Nursing and Quality. Patient Experience and Customer Services Manager
REFERENCE NUMBER: IN-007 GUIDANCE FOR RESPONDING TO COMPLAINTS AREA: NAME OF RESPONSIBLE COMMITTEE / INDIVIDUAL NAME OF ORIGINATOR / AUTHOR Trust Wide Director of Nursing and Quality Patient Experience
More informationNHS Commissioning Board: Information governance policy
NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION
More informationTERMS OF REFERENCE: REVIEW OF THE INFORMATION GOVERNANCE TOOLKIT
TERMS OF REFERENCE: REVIEW OF THE INFORMATION GOVERNANCE TOOLKIT The Information Governance Professional Leadership Group hosted by the NHS Commissioning Board is committed to conducting a strategic review
More informationCONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE
This document is uncontrolled once printed. Please check on the CCG s Intranet site for the most up to date version CONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE Document Title: Contracts
More informationPOLICY FOR THE REPORTING AND MANAGEMENT OF PATIENT COMPLAINTS
Item 9 POLICY FOR THE REPORTING AND MANAGEMENT OF PATIENT COMPLAINTS Authorship: Chief Operating Officer Approved date: 20 September 2012 Approved Governing Body Review Date: April 2013 Equality Impact
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended
More informationDocument No: IG10f. Version: 1.0. Information Governance Contracts Guidance. Name of Procedure: Version Control
Document No: IG10f Version: 1.0 Name of Procedure: Information Governance Contracts Guidance Author: Release Date: Review Date: Lauren Hamill, Information Governance Officer Version Control Version Release
More informationA Guide to Clinical Coding Audit Best Practice 2015-16
A Guide to Clinical Coding Audit Best Practice 2015-16 Authors: Clinical Classifications Service Contents 1 Introduction 3 1.1 Purpose of Document 3 1.2 Audience 3 1.3 Background 3 1.3.1 Information Governance
More informationInformation Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs
Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper
More informationInformation Governance Framework and Strategy. November 2014
November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date
More informationInformation Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff.
Information Governance Policy 1 SUMMARY This policy is intended to ensure that staff are fully aware of their Information Governance (IG) responsibilities, so that they can effectively manage and best
More informationNHS England Complaints Policy
NHS England Complaints Policy 1 2 NHS England Complaints Policy NHS England Policy and Corporate Procedures Version number: 1.1 First published: September 2014 Prepared by: Kerry Thompson, Senior Customer
More informationHow To Write A National Information Board Paper
NATIONAL INFORMATION BOARD Paper Ref: NIB 0403-009 BOARD PAPER National Information Board Leadership Meeting MARCH 2015 Title: Work stream 4: Build and sustain public trust: Deliver roadmap to consent
More informationInformation Governance Policy
Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route
More informationPOLICY AND PROCEDURE FOR MANAGING COMPLAINTS, COMMENTS, CONCERNS AND COMPLIMENTS
TITLE: POLICY AND PROCEDURE FOR MANAGING COMPLAINTS, COMMENTS, CONCERNS AND COMPLIMENTS VALID FROM: January 2014 EXPIRES: January 2016 This procedural document supersedes the previous procedural document
More informationROYAL HOLLOWAY University of London. DISCIPLINARY POLICY AND PROCEDURE (for all staff other than academic teaching staff)
APPROVED BY COUNCIL September 2002 ROYAL HOLLOWAY University of London DISCIPLINARY POLICY AND PROCEDURE (for all staff other than academic teaching staff) Disciplinary Policy and Procedure September 2002
More informationInformation Governance Strategy & Policy
Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information
More information