Information governance policy
|
|
- Chester Benson
- 8 years ago
- Views:
Transcription
1 Information governance policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSAIGM002a S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review IG Policy\Current and Final NHS Business Services Authority Information governance policy Gordon Wanless All NHSBSA staff For information / action Last reviewed 16 January 2014 Revision details Version Date Amended by Approved by Details of amendments Initial release IGSG The third last bullet point in to include reference to EIR and PSI. Amend affordable in the last bullet point in to be cost-effective. The fourth bullet point in to include reference to EIR and PSI. a C Dunn & C Gooday IGSG Add within cost and resource restraints at the end of the third bullet point in Amendments to reflect PCI DSS Compliance 3.2 Review period changed from periodically to annually Final\NHSBSAIGM002a - NHSBSA Information Governance Policy.doc 1
2 Contents 1. Introduction 2. Policy statement 3. Principles 4. Scope of this policy 5. Policy 6. Information governance responsibilities 7. Validity of this policy Appendix A. Information governance management system overview B. Information governance documentation and materials overview 1. Introduction 1.1 The information held by the NHS Business Services Authority (NHSBSA) represents one of our most valuable assets. Without that information the NHSBSA could not operate. It is therefore essential that all information and information systems at the NHSBSA's sites are protected against the many threats which may affect confidentiality and overall service provision. Such threats can range from accidental damage to deliberate disclosure of sensitive information. 1.2 Information security is the responsibility of every member of staff in the NHSBSA. The information systems currently in use employ technical processes to help in maintaining the confidentiality, integrity and availability of the information they hold. However, these security measures can be weakened through careless actions such as writing down or sharing a password. 1.3 The scope of this Information Governance (IG) policy is to support the protection, control and management of NHSBSA s information assets. The policy is concerned with all information systems, electronic and non-electronic, and will apply to all divisions, sites and departments in the NHSBSA, to all NHSBSA staff and as appropriate to its contractors and third party service providers. It will cover all information within the NHSBSA, which could include data and information that is: stored on computers transmitted across internal and public networks such as or intranet/internet stored within databases printed or hand written on paper, white boards etc. Final\NHSBSAIGM002a - NHSBSA Information Governance Policy.doc 2
3 sent by facsimile (fax), telex or other communications method stored on removable media such as CD-ROMs, hard disks, tapes and other similar media stored on fixed media such as hard disks and sub-systems held on film or microfiche presented on slides, overhead projectors, using visual and audio media spoken during telephone calls and meetings or conveyed by any other method. 1.4 The NHSBSA is committed to properly protecting the information that it holds. This policy and associated practices and procedures have been agreed by the NHSBSA Leadership Team and Senior Management of the NHSBSA. 2. Policy statement 2.1 This document defines the IG policy for the NHSBSA. 2.2 The IG policy applies to all information obtained and processed by the NHSBSA and the NHSBSA s employees. 2.3 This document: sets out the NHSBSA s policy for the protection of all information obtained and processed establishes the responsibilities for IG. 3. Principles 3.1 There are four key interlinked strands to this policy: Openness: Openness Legal compliance Information security Quality assurance The NHSBSA recognises the need for an appropriate balance between openness and confidentiality in the management and use of information. Information will be defined and where appropriate kept confidential, underpinning the principles of Caldicott and the regulations outlined in the Data Protection Act 1998 (DPA). Non-confidential information about the NHSBSA and services will be available to the public through a variety of Final\NHSBSAIGM002a - NHSBSA Information Governance Policy.doc 3
4 means, one of which will be the provisions of the Freedom of Information Act 2000 (FOIA). There will be clear procedures and arrangements for handling queries from members of the public. The NHSBSA will have clear procedures and arrangements for liaison with the press and broadcasting media. Integrity of information will be developed, monitored and maintained to ensure that it is appropriate for the purposes intended. Availability of information for operational purposes will be maintained within set parameters relating to its importance via appropriate procedures and computer system resilience. The NHSBSA regards all identifiable personal information relating to members of the public as confidential, compliance with legal and regulatory framework will be achieved, monitored and maintained. The NHSBSA regards all identifiable personal information relating to staff as confidential except where national policy on accountability and openness requires otherwise. The NHSBSA will establish and maintain policies and procedures to ensure compliance with the DPA, Human Rights Act 1998 (HRA), the common law duty of confidentiality, Environmental Information regulations 2004 (EIR), the Re-use of Public Sector Information regulations 2005 (PSI) and the FOIA. The NHSBSA will ensure compliance with Payment Card Industry (PCI) Data Security Standard (DSS). Awareness and understanding of all staff, with regard to their responsibilities, will be routinely assessed, recorded and appropriate training and awareness provided. Risk assessment, in conjunction with overall priority planning of NHSBSA activity will be undertaken to determine appropriate, cost-effective IG controls are in place Legal compliance: The NHSBSA regards all identifiable personal information relating to members of the public as confidential. The NHSBSA will undertake or commission annual assessments and audits of its compliance against legal requirements. The NHSBSA regards all identifiable personal information relating to staff as confidential except where national policy on accountability and openness requires otherwise. The NHSBSA will establish and maintain policies and procedures to ensure compliance with the DPA, HRA, the common law duty of confidentiality, EIR, PSI and the FOIA. The NHSBSA will establish and maintain policies for the controlled and appropriate sharing of patient identifiable information with other agencies, Final\NHSBSAIGM002a - NHSBSA Information Governance Policy.doc 4
5 taking account of relevant legislation (e.g. Health and Social Care Act, Crime and Disorder Act, Protection of Children Act) Information security: The NHSBSA will establish and maintain policies for the effective and secure management of its information assets and resources. Audits will be undertaken or commissioned to assess information and IT security arrangements. The NHSBSA s incident reporting system will be used to report, monitor and investigate all breaches of confidentiality and security Information quality assurance: The NHSBSA will establish and maintain policies for information quality assurance and the effective management of records. Audits will be undertaken or commissioned of the NHSBSA s quality of data and records management arrangements. Managers will be expected to take ownership of, and seek to improve, the quality of data within their services within cost and resource restraints Wherever possible, information quality will be assured at the point of collection. The NHSBSA will promote data quality through policies, procedures/user manuals and training. 3.2 This policy and any associated procedures will be reviewed annually by the NHSBSA Leadership Team. Where review is necessary due to legislative change this will happen immediately. 3.3 In accordance with the NHSBSA s Equality and diversity policy, this policy will not discriminate, either directly or indirectly, on the grounds of gender, race, colour, ethnic or national origin, sexual orientation, marital status, religion or belief, age, union membership, disability, offending background or any other personal characteristic. 4. Scope of this policy This policy covers all forms of information held by the NHSBSA, including (but not limited to): information about members of the public non NHSBSA employees on NHSBSA premises staff and personnel information organisational, business and operational information cardholder data. Final\NHSBSAIGM002a - NHSBSA Information Governance Policy.doc 5
6 4.2 This policy applies to all aspects of information handling, including (but not limited to): structured record systems - paper and electronic information recording and processing systems whether paper, electronic, video or audio records information transmission systems, such as fax, , portable media, post and telephone. 4.3 This policy covers all information systems purchased, developed and managed by / or on behalf of, the NHSBSA and any individual directly employed or otherwise by the NHSBSA. 5. Policy 5.1 IG is the function of corporate governance that ensures the confidentiality, integrity and availability of the NHSBSA s information assets. It is concerned with the facilitation of delivering accurate contextual information to those who require it for a recognised purpose, whether they be manager, administrator, supporting staff, service user or a member of the public, whilst complying with the legal and regulatory framework. 5.2 An information governance management system (IGMS), including associated policies, procedures, protocols and guidelines and the ongoing monitoring thereof, ensures that the risks to such information assets are identified, assessed and adequately controlled in compliance with: the current legislative framework applicable NHS codes of practice and regulations recognised best practice for information handling and information security information governance toolkit requirements PCI DSS. 5.3 Developing an overall IGMS will include: the definition of an IG policy and strategy the identification (audit) of all existing information assets and the documentation thereof in a suitable information asset register completion of a formal risk assessment, identify threats and vulnerabilities to assets and systems and the potential associated impacts on delivery that each risk eventually would cause assessment, costing, selection and implementation of appropriate controls, and the developing of procedure and process-related documentation production of a Statement of Applicability (SOA) and the final combining of documentation to allow, if desired, formal accreditation to the adopted Final\NHSBSAIGM002a - NHSBSA Information Governance Policy.doc 6
7 standard of information security (ISO/IEC 27001:2005 (formerly BS :2002)) the ongoing monitoring of the effects of the IGMS and SOA and the review of controls accordingly management of the IG toolkit annual production of an Attestation of Compliance with PCI DSS. 6. Information governance responsibilities 6.1 It is the role of the NHSBSA Leadership Team to define the NHSBSA s policy in respect of IG, taking into account legal and NHS requirements. The NHSBSA Leadership Team is also responsible for ensuring that sufficient resources are provided to support the requirements of the policy. 6.2 The NHSBSA Leadership Team members, whilst retaining their legal responsibilities, have delegated IG compliance to the NHSBSA Information Governance and Security Group (IGSG). 6.3 The IGSG is responsible for overseeing day to day IG issues; developing and maintaining policies, standards, procedures and guidance, coordinating IG in the NHSBSA and raising awareness of IG. 6.4 Managers within the NHSBSA are responsible for ensuring that this policy and its supporting standards and guidelines are built into local processes and that there is on-going compliance. 6.5 All staff, whether permanent, temporary or contracted, and contractors are responsible for ensuring that they are aware of the requirements incumbent upon them and for ensuring that they comply with these on a day to day basis. 7. Validity of this policy 7.1 This policy is designed to avoid discrimination and be in accordance with the HRA and its underlying principles. 7.2 This policy should be reviewed annually under the authority of the NHSBSA Leadership Team members. Associated IG standards should be subject to an ongoing development and review programme. Final\NHSBSAIGM002a - NHSBSA Information Governance Policy.doc 7
8 Appendix A Information governance management system overview Information Governance Management System Data Protection Freedom of Information Information Security Business Continuity Records Management Information Governance Policy Procedure Policy Procedure Policy Procedure Policy Policy Records Register Policy Strategy Procedure Subject Access Requests Requests for Information Disclaimer Information Governance Confidentiality Code of Practice Internal Review Incident Reporting Acceptable Use (inc. Monitoring) Policy Asset Register
9 Appendix B Information governance documentation and materials overview Policy Information governance management system (IGMS) Consists of policies on: o data protection o freedom of information o acceptable use o information security o business continuity o records management o information governance. The IGMS sets high level direction and required standards across the NHSBSA. This is supported where necessary by procedures and specific guidance documents, where the required controls are explained in detail. Procedure and guidance Data protection procedure Freedom of information procedure guidance document Internet guidance document Records register Responsibilities and key awareness messages for all staff are contained in the IGMS and guidance documents, but also in two key documents that have been written specifically to be accessible to all staff as detailed below: Awareness all staff Confidentiality code of practice summary leaflet Acceptable use staff agreement In addition to the code of practice leaflet and the acceptable use staff agreement, a reference pack of guidance will be available online.
10 Reference available to all Information handling reference pack, including: o awareness materials for staff and public o guidance on providing access to patient type records (patients, relatives, children, deceased and solicitors) o information sharing documentation (police, research, children) o freedom of information process documentation o communication guidance (fax, phone etc.). This pack will be updated regularly. Computer based materials: o Screen saver o Acceptable use challenge o Data protection/freedom of information/information security awareness training.
NHS Business Services Authority Information Governance Policy
NHS Business Services Authority Information Governance Policy NHS Business Services Authority Corporate Secretariat NHSBSAIGM002 Issue Sheet Document reference NHSBSAIGM002 Document location F:\CEO\IGM\Info
More informationCORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY. December 2014
CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY December 2014 DOCUMENT INFORMATION Author: Barbara Sansom Information Governance Manager Equality Impact Assessment Consultation & Approval
More informationInformation security policy
Information security policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSARM001 S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review of IS Policy\Current
More informationInformation Governance Policy. Church Road Medical Practice
Information Governance Policy Church Road Medical Practice Version No: 1.0 Issue Date: March 2015 INFORMATION GOVERNANCE POLICY 1. Summary Information is a vital asset, both in terms of the clinical management
More informationGloucestershire Hospitals
Gloucestershire Hospitals NHS Foundation Trust TRUST POLICY In the case of hard copies of this policy the content can only be assured to be accurate on the date of issue marked on the document. The Policy
More informationMOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY
MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY Moorland is committed to ensuring that, as far as it is reasonably practicable, the way we provide services to the public and the way we treat
More informationSALISBURY NHS FOUNDATIONTRUST
SALISBURY NHS FOUNDATIONTRUST PAPER SHC 1738 TITLE Information Governance Policy PURPOSE OF PAPER The Information Governance Policy was first approved in April 2005. It is currently due for review to ensure
More informationInformation Governance Policy
Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring
More informationNHS Business Services Authority Information Security Policy
NHS Business Services Authority Information Security Policy NHS Business Services Authority Corporate Secretariat NHSBSAIS001 Issue Sheet Document reference NHSBSARM001 Document location F:\CEO\IGM\IS\BSA
More informationINFORMATION GOVERNANCE POLICY
Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):
More informationInformation Governance Policy
BEXLEY CARE TRUST MANAGEMENT MANUAL Title: INFORMATION GOVERNANCE POLICY Originating Department: IT DEPARTMENT Authorised by: Risk Management Committee June 2008 Reference no: CA12 Date of Issue: JANUARY
More informationInformation Governance Policy
Information Governance Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from August 2009 Date last amended August 2009
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title
More informationINFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK
INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire
More informationInformation Governance Policy
Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY NWAS Information Governance Policy Page: Page 1 of 10 Date of Issue: January 2014 Date of Review February 2015 Recommended by Approved by Information Governance Management
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy
More informationBusiness continuity management policy
Business continuity management policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSADPN001b S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review
More informationINFORMATION GOVERNANCE STRATEGY
INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying
More informationInformation Governance Policy (incorporating IM&T Security)
(incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationInformation Governance Policy
Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY
More informationINFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK
INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic
More information1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.
Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review
More informationInformation Governance Policy
Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting
More informationBarnsley Clinical Commissioning Group. Information Governance Policy and Management Framework
Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):
More informationInformation Governance Strategy 2015/16
Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal
More informationInformation Governance Policy
Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version
More informationNHS Commissioning Board: Information governance policy
NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION
More informationInformation Governance Policy
Policy Policy Number / Version: v2.0 Ratified by: Audit Committee Date ratified: 25 th February 2015 Review date: 24 th February 2016 Name of originator/author: Name of responsible committee/individual:
More informationInformation Governance Policy
Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading
More informationInformation Governance Policy
Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath
More informationINFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT
INFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT Prepared By: Alistair Stewart Responsible Person: Endorsed by: Information Governance Committee Date: May 2008 Review: June 2009 Issue Number Draft
More informationDate of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.
Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5
More informationInformation Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.
Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments
More informationNHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety
More informationNHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing
More informationAll CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.
Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,
More informationInformation Governance Policy
Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date
More informationINFORMATION GOVERNANCE INFORMATION GOVERNANCE POLICY
Appendix 1 INFORMATION GOVERNANCE INFORMATION GOVERNANCE POLICY Author Information Governance Review Group Information Governance Committee Review Date May 2014 Last Update February 2013 Document No. GV
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Version: 3.2 Authorisation Committee: Date of Authorisation: May 2014 Ratification Committee Level 1 documents): Date of Ratification Level 1 documents): Signature of ratifying
More informationHow To Ensure Network Security
NETWORK SECURITY POLICY Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Page 1 of 12 Review and Amendment Log/Control Sheet Responsible Officer:
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY POLICY NO IM&T 011 DATE RATIFIED January 2012 NEXT REVIEW DATE January 2015 POLICY STATEMENT/KEY OBJECTIVE: To provide an overarching framework through which Information Governance
More informationInformation Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs
Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper
More informationINFORMATION GOVERNANCE STRATEGY NO.CG02
INFORMATION GOVERNANCE STRATEGY NO.CG02 Applies to: All NHS LA employees, Non-Executive Directors, secondees and consultants, and/or any other parties who will carry out duties on behalf of the NHS LA.
More informationInformation Governance Strategy. Version No 2.0
Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent
More informationInformation Governance Strategy & Policy
Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information
More informationInformation Governance Strategy
Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version
More informationNetwork Security Policy
Department / Service: IM&T Originator: Ian McGregor Deputy Director of ICT Accountable Director: Jonathan Rex Interim Director of ICT Approved by: County and Organisation IG Steering Groups and their relevant
More informationTrust Informatics Policy. Information Governance. Information Governance Policy
Trust Informatics Policy Information Governance Policy Reference: TIP/IG/IGP I:\IG\IGM\IGT\March 2011\Document Library\Policies\Approved/ - 1 Document Control Policy Title Author/Contact Document Reference
More informationNHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Final No impact Document Ratified/Approved By Hartlepool
More informationVersion Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation
Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South
More informationInformation Governance Strategy
Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationCaedmon College Whitby
Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be
More informationInformation Governance
Information Governance Information for Patients Information Governance (IG) Contents: Identifying the IG Lead for the Practice. This identifies the main people responsible for Information Governance Policy.
More informationJOB DESCRIPTION. Information Governance Manager
JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure
More informationInformation Governance Policy
Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups
More informationInformation Governance Policy
Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact
More informationNETWORK SECURITY POLICY
NETWORK SECURITY POLICY Policy approved by: Governance and Corporate Affairs Committee Date: December 2014 Next Review Date: August 2016 Version: 0.2 Page 1 of 14 Review and Amendment Log / Control Sheet
More informationIS INFORMATION SECURITY POLICY
IS INFORMATION SECURITY POLICY Version: Version 1.0 Ratified by: Trust Executive Committee Approved by responsible committee(s) IS Business Continuity and Security Group Name/title of originator/policy
More informationUSE OF PERSONAL MOBILE DEVICES POLICY
Policies and Procedures USE OF PERSONAL MOBILE DEVICES POLICY Date Approved by Information Strategy Group Version Issue Date Review Date Executive Lead Information Asset Owner Author 15.04.2014 1.0 01/08/2014
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:
More informationInformation Governance Plan
Information Governance Plan 2013 2015 1. Overview 1.1 Information is a vital asset, both in terms of the clinical management of individual patients and the efficient organisation of services and resources.
More informationSafe Haven Policy. Equality & Diversity Statement:
Title: Safe Haven Policy Reference No: 010/IT Owner: Deputy Chief Officer Author Information Governance Lead First Issued On: November 2012 Latest Issue Date: March 2015 Operational Date: March 2015 Review
More informationData Subject Access Request Procedure
Data Subject Access Request Procedure Policy ID IG07 Version: 2.0 Ratified by: Executive Committee Name of originator/author: Justin Dix, Governing Body Secretary Name of responsible committee/individual:
More informationRemote Working and Portable Devices Policy
Remote Working and Portable Devices Policy Policy ID IG04 Version: V1 Date ratified by Governing Body 29/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval
More informationINFORMATION GOVERNANCE
This document is uncontrolled once printed. Please refer to the Trusts Intranet site (Procedural Documents) for the most up to date version INFORMATION GOVERNANCE NGH-PO-233 Ratified By: Procedural Document
More informationInformation Governance Strategy. Version No 2.1
Livewell Southwest Information Governance Strategy Version No 2.1 Notice to staff using a paper copy of this guidance. The policies and procedures page of LSW Intranet holds the most recent version of
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:
More informationInformation Governance Strategy
Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching
More informationBEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE
GUIDANCE 1 TITLE: INFORMATION GOVERNANCE FRAMEWORK 2 POLICY AREA: INFORMATION GOVERNANCE 3 ACCOUNTABLE DIRECTOR FOR POLICY AREA: DIRECTOR OF QUALITY AND GOVERNANCE 4 GUIDANCE DRAFTED BY: INTEGRATED GOVERNANCE
More informationInformation & ICT Security Policy Framework
Information & ICT Security Framework Version: 1.1 Date: September 2012 Unclassified Version Control Date Version Comments November 2011 1.0 First draft for comments to IT & Regulation Group and IMG January
More informationSubject Access Request (SAR) Procedure
Subject Access Request (SAR) Procedure East and North Hertfordshire Clinical Commissioning Group Page 1 of 16 DOCUMENT CONTROL SHEET Document Owner: Chief Finance Officer Document Author(s): Anne Ephgrave
More informationInformation Management Policy CCG Policy Reference: IG 2 v4.1
Information Management Policy CCG Policy Reference: IG 2 v4.1 Document Title: Policy Information Management Document Status: Final Page 1 of 15 Issue date: Nov-2015 Review date: Nov-2016 Document control
More informationInformation Governance Framework and Strategy. November 2014
November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date
More informationWhat NHS staff need to know
St George s Healthcare NHS NHS Trust Surrey Health Informatics Service Sussex Health Informatics Service Records Management Explained What NHS staff need to know A guide to Records Management Contents
More informationInformation Governance Policy
Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route
More informationINFORMATION SECURITY POLICY
INFORMATION SECURITY POLICY Policy approved by: Audit and Governance Committee Date: 4 th December 2014 Next Review Date: December 2016 Version: 1 Information Security Policy Page 1 of 17 Review and Amendment
More informationNorth East Ambulance Service NHS Foundation Trust. Job Description
North East Ambulance Service NHS Foundation Trust Job Description Job Title Patient Experience Clerk A4C Band 3 Accountability Complaints Manager Directorate Clinical Care and Patient Safety Date September
More informationInformation Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff.
Information Governance Policy 1 SUMMARY This policy is intended to ensure that staff are fully aware of their Information Governance (IG) responsibilities, so that they can effectively manage and best
More informationInformation Sharing Policy
Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationINFORMATION GOVERNANCE POLICY & FRAMEWORK
INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger
More informationNHS Business Services Authority Records Management Audit Framework
NHS Business Services Authority Records Management Audit Framework NHS Business Services Authority Corporate Secretariat NHSBSARM019 Issue Sheet Document Reference Document Location Title Author Issued
More informationJOB DESCRIPTION. Specialist Community Practitioner School Nurse (Child and Family Health)
JOB DESCRIPTION Title: Specialist Community Practitioner School Nurse (Child and Family Health) Band: Band 6 Location/Base: Designated Locality within the Trust Directorate/Dept.: Children s Provider Services
More informationSenate. SEN15-P17 11 March 2015. Paper Title: Enhancing Information Governance at Loughborough University
SEN15-P17 11 March 2015 Senate Paper Title: Enhancing Information Governance at Loughborough University Author: Information Technology & Governance Committee 1. Specific Decision Required by Committee
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationRotherham CCG Network Security Policy V2.0
Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October
More informationBusiness Continuity Policy and Business Continuity Management System
Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain
More informationNHS Waltham Forest Clinical Commissioning Group Information Governance Policy
NHS Waltham Forest Clinical Commissioning Group Information Governance Policy Author: Zeb Alam & David Pearce Version 3.0 Amendments to Version 2.1 Updates made in line with National Guidance and Legislation
More informationPolicy Information Management
Policy Information Management Document Title: Policy Information Management Issue date: October 2013 Document Status: Approved IGC 23 Oct 2013 Review date: October 2014 Page 1 of 17 Document control Document
More informationRISK MANAGEMENT STRATEGY 2014-17
RISK MANAGEMENT STRATEGY 2014-17 DOCUMENT NO: Lead author/initiator(s): Contact email address: Developed by: Approved by: DN128 Head of Quality Performance Julia.sirett@ccs.nhs.uk Quality Performance Team
More informationHow To Protect Your Personal Information At A College
Data Protection Policy Policy Details Produced by Assistant Principal Information Systems Date produced Approved by Senior Leadership Team (SLT) Date approved July 2011 Linked Policies and Freedom of Information
More informationPOLICY. Responsible Use of Social Media
POLICY Responsible Use of Social Media Contact Officer Director of Personnel Director of Communications & Participation Senior Project Manager: Corporate Policies (Policy author) Purpose The primary aims
More informationData protection policy
Data protection policy Introduction 1 This document is the data protection policy for the Nursing and Midwifery Council (NMC). 2 The Data Protection Act 1998 (DPA) governs the processing of personal data
More informationHow To Ensure Information Security In Nhs.Org.Uk
Proforma: Information Policy Security & Corporate Policy Procedures Status: Approved Next Review Date: April 2017 Page 1 of 17 Issue Date: June 2014 Prepared by: Information Governance Senior Manager Status:
More informationWest Midlands Police and Crime Commissioner Records Management Policy 1 Contents
West Midlands Police and Crime Commissioner Records Management Policy 1 Contents 1 CONTENTS...2 2 INTRODUCTION...3 2.1 SCOPE...3 2.2 OVERVIEW & PURPOSE...3 2.3 ROLES AND RESPONSIBILITIES...5 COMMISSIONED
More informationInternet Use Policy and Code of Conduct
Internet Use Policy and Code of Conduct UNIQUE REF NUMBER: AC/IG/023/V1.1 DOCUMENT STATUS: Agreed by Audit Committee 18 July 2013 DATE ISSUED: July 2013 DATE TO BE REVIEWED: July 2014 1 P age AMENDMENT
More information