NHS FORTH VALLEY Information Governance Remote Working Guidance

Transcription

1 NHS FORTH VALLEY Information Governance Remote Working Guidance Date of First Issue 09 / 12 / 2011 Approved 12 / 09 / 2013 Current Issue Date 12 / 09 / 2013 Review Date 01 / 12 / 2015 Version V 3.2 EQIA Yes 12 / 03 / 2013 Author / Contact Phil Penman, Information Governance, Group Committee Information Governance Group Final Approval This document can, on request, be made available in alternative formats Version th September 2013 Page 1 of 10

2 Management of Policies Procedure control sheet (Non clinical documents only) Name of document to be loaded Area to be added to Information Governance Remote Working Guidance General / Information governance Type of document Priority Policy Guidance Protocol Other (specify) X Immediate 2 days 7 days 30 days X Questions Understanding Yes No X Required Archive file Yes No X Options Where to be published External and Internal X Internal only Target audience NHSFV wide X Specific Area / service Version th September 2013 Page 2 of 10

3 Consultation and Change Record Contributing Authors: Consultation Process: Distribution: Information Governance Department Security Of Information Working Group Information Governance Group NHSFV Intranet, Internet, Management Of Policies System Change Record Date Author Change Version 09/12/2011 EH Approved for publication V /12/2012 PP Review complete Comments considered V /03/2013 PP Extensive reworking of guidance following review feedback. Inclusion of references for remote access to systems and requirement to review this access on a six monthly basis. 12/08/2013 PP Guidance name altered and appendix 1 added. Paragraph added to Scope highlighting that this document only refers to matters relating to Information Governance, not Health and Safety etc. 11/09/2013 PP Appendix 1 added with key points for staff. Health and Safety Guidance reminder for managers added. V.3.00 V. 3.1 V. 3.2 Version th September 2013 Page 3 of 10

4 Contents POLICY STATEMENT...5 SCOPE...5 DEFINITIONS...6 GENERAL PRINCIPLES...7 GUIDELINES...7 SAFETY, MONITORING AND REVIEW...8 Version th September 2013 Page 4 of 10

5 POLICY STATEMENT NHS Forth Valley (NHSFV) recognises that there is an increasing requirement to be more flexible in the way we work and will support the provision of occasional remote/home working where it is practical to do so. This is based on the notion that certain tasks can be effectively undertaken within the employee s home and does not require attendance in the workplace. Working at home / off-site benefits the organisation by: Providing greater flexibility. Allowing staff and management to choose an environment which enables work to be carried out more effectively and efficiently. e.g. specific project work. Enabling employees to work at home in exceptional circumstances such as bad weather conditions where travelling would pose a greater risk to the employee. SCOPE NHSFV is committed to promoting and practising equal opportunities in employment. This includes giving, wherever practicable; staff the opportunity to work more flexibly. NHSFV will review who occasionally require to work remotely at home/off-site as a proportion of the work force to ensure that there is no direct or indirect discrimination on grounds of race, gender, religion, disability or age. This policy should be read in conjunction with the Equal Opportunities Statement and Code of Practice. This guidance is only applicable in relation to Information Governance whilst working remotely or at home, it should be read in conjunction with any further guidance in relation to health and safety etc. Version th September 2013 Page 5 of 10

6 DEFINITIONS Working at home/off-site Providing staff have approval from their manager they can occasionally remotely work from home for part of their working day even though their contract of employment requires them to have their office based on NHSFV premises. Working at home/off-site does not mean working from home as a base as a permanent arrangement. Working at home/off-site is intended to facilitate a short term ad hoc solution for the completion of work such as detailed documents or specific projects that have tight deadlines and can be completed elsewhere other than the employee s base. What types of activities can be undertaken Staff should continue to comply with the NHSFV Information Security Policy at all times whilst working at home/off-site. It is not appropriate to store or process Person Identifiable Information or other confidential data on any electronic device other than one supplied or approved by NHSFV I.T. Staff requests to occasionally work at home/off-site will commonly involve working with unidentifiable or anonymised information; this would also include the analysis of aggregated data where all identifiers have been removed. Any requests to work on identifiable information or to take files or documents containing identifiable information MUST be approved by your General Manager and only carried out using the appropriate, approved I.T. equipment as required. Staff who require access to NHS Forth Valley Systems occasionally from home/remotely can only do so via a Virtual Private Network (VPN). Departmental funding will be required for the procurement of a secure connection and any additional computer hardware required for use remotely. The facility should be requested through the NHS Forth Valley ICT Service Desk. Currently this method of access is limited to a few staff using the correct confidentiality and security procedures. A risk assessment is required in addition to approval from the system owner and General Manager. Version th September 2013 Page 6 of 10

7 GENERAL PRINCIPLES Staff should not lose out financially or in terms of job satisfaction or career prospects. It is essential for this practice to be reviewed on a six monthly basis and, if necessary, to revert to previous arrangements. GUIDELINES The following guidelines apply when working at home / or off-site:- a. Working at home/off-site should be used to undertake specific work activities. b. Frequency and duration of working at home/off-site must be agreed with the General manager and relevant colleagues. c. Once there is an agreement that an individual may work at home/off-site for a part of a day, given day or given period of days, the arrangement should be respected in so far as possible. d. Reasonable notice of a request to work at home/off-site must be given. e. Staff working at home/off-site may be recalled to work premises at short notice. f. In cases where staff working at home/off-site, are frequently recalled to work premises at short notice, working arrangements should be reviewed. g. Individuals and colleagues/managers should jointly monitor the impact of time spent working at home/off-site. h. Staff working at home/off-site are required to carry out their work duties during their normal hours of work. Any domestic arrangements such as childcare/carer arrangements must remain in place throughout the hours of work. i. Perceived problems caused by staff working at home/off-site should be addressed within departments and/or teams. j. Staff working at home/off-site must be contactable by telephone. k. Where staff have remote access to NHSFV systems, a six monthly review should be undertaken by their line manager to ensure access is still required. Version th September 2013 Page 7 of 10

8 SAFETY, MONITORING AND REVIEW Working at home / off-site within NHSFV will be monitored and reviewed every six months to ensure that the terms of this policy are operating effectively. SECURITY Staff must adhere to the following NHS Forth Valley policies whilst working from home/off-site to ensure safe systems of working remotely: Information Security Policy Moveable Media Policy Data Protection and confidentiality policy Staff must also ensure mandatory data protection training is kept up to date. Any breaches will be investigated in line with the Management of Employee Conduct Policy. HEALTH AND SAFETY GUIDANCE Managers are required to consider health and safety homeworking issues for employees when there is a formal arrangement with the employee for them to work at home (either temporary or permanent working ). Managers and employees should carefully consider any issues and where action is required these must be put in place to reduce any significant risks to an acceptable level. The Home working Basic H&S Guidance and Personal Checklist provides information to assist in this process. Version th September 2013 Page 8 of 10

9 Appendix 1. Key points for staff If you wish to work from home for a short period then request it at the earliest opportunity in writing to your line manager. Patient and staff identifiable information requires authorisation from a General Manager if it is to be used at home whether in paper or electronic formats. Electronic data must remain on encrypted NHS laptops and USB drives if it includes data which is confidential or contains staff/patient identifiable information. Staff must still adhere to NHS Forth Valley policies whilst working from home or off-site. i.e. Information Security Policy. Version th September 2013 Page 9 of 10

10 Publications in Alternative Formats NHS Forth Valley is happy to consider requests for publications in other language or formats such as large print. To request another language for a patient, please contact For other formats contact , text , fax or FV-uhb.nhsfv-alternativeformats@nhs.net Version th September 2013 Page 10 of 10