Information Governance. and what it means for you

Size: px
Start display at page:

Download "Information Governance. and what it means for you"

Transcription

1 Information Governance and what it means for you 1

2 Content Introduction 3 Who are we? 4 What is Information Governance? 4 Purpose of Holding Information 5 Confidentiality and Security 5 Accuracy of Information Types of Information 6 Service User Information 9 Employee Information 10 Corporate Information 11 Access to Personal Information held by the Trust 13 Access to Corporate Information held by the Trust 15 Compliments, Complaints or Appeals 15 Further Information 2

3 Introduction Who are we? KMPT provides a number of different mental health services to people living in Kent and Medway. Our services are more specialised than services provided by General Practitioners. Most of our mental health services are provided through: Community based teams Outpatient clinics Inpatient units Community services and inpatient/outpatient units are generally split into services for adults and services for older people over local areas. In addition to our community and inpatient/outpatient services, we also provide a number of specialist services across the county and mental health services for people with a learning disability. We work as a partnership organisation for mental health services and our partners include: Clinical Commissioning Groups Commissioning Support Units General Practitioners (GPs) Ambulance Services Acute Hospital Trusts Mental Health Social Services More information about our services can be found on our website 3

4 What is Information Governance? Information governance is the term used to describe the principles, processes, legal and ethical responsibilities for managing and handling information. It sets the requirements and standards that health and social care organisations need to achieve to ensure they fulfill their obligations so that information is handled legally, securely, efficiently and effectively. This booklet has been prepared to advise individuals on what information we hold, how it is used by us and the rights available to individuals. Purpose of Holding Information All organisations are obliged to understand and document the purposes for which information is held. These are documented in something called a Data Protection Register Entry which is registered with the Information Commissioners Office (the body with responsibility for overseeing compliance). As an NHS Trust, we keep records relating to the purposes detailed above. These records help us to deliver our services and manage our activities and may be written down (manual/paper records) or be held on a computer in electronic form or as part of an information system. KMPT has identified the following reasons for holding and using information: to provide Healthcare Services to administer staff and employment records to keep Accounts and Records relating to our activities to take part in appropriate research within the Health Sector in Crime Prevention and Prosecution of Offenders in educating and training our staff to provide good quality services in establishing/maintaining membership of our Trust in auditing our services and preparing statistics on NHS performance in reviewing the care provided and ensuring services meet the needs of the users Electronic records will be held in digital form on servers and computers as well as removable media including USB memory stick and CDs. Electronic records include, but are not limited to databases, s, scanned files or images, word processed files, spread sheets, web pages and media clips. The security of electronic records is paramount to providing a confidential service and is controlled and governed on a need-to-know basis by a variety of methods including, but not limited to, passwords, smartcards and security tokens. Some of these reasons will involve using and sharing personal information which may identify individuals either as employees or service users. Some will be met through the use of anonymous or non-identifiable statistics or data. 4

5 Confidentiality and Security of Information Individuals entrust us with, or allow us to gather, sensitive information relating to their health, employment and other matters as part of their contact with our organisation. They do so in confidence and have a legitimate expectation that we will respect their privacy and act appropriately. It is essential that we provide a confidential service. PROTECT The provision of a confidential service is governed by law, policy, procedure and best practice. As an NHS Trust, we have a duty to ensure this confidentiality and the physical/electronic security of your information is maintained at all times. In order to do this we follow the model of confidentiality promoted by the Department of Health: PROTECT - we look after the personal information held by us; INFORM - we ensure individuals are aware of how their information is used; PROVIDE CHOICE - we allow individuals to decide, within the boundaries of the law, whether information can be disclosed or used in particular ways; and IMPROVE - we always look for better ways to protect, inform and provide choice. INFORM IMPROVE PROVIDE CHOICE From: DH/IPU/Patient Confidentiality (2003) Gateway Ref 1656 Confidentiality NHS Code of Practice pg 10 Accuracy of Information We have a duty to ensure your information is accurate and kept up-to-date. To do this, we undertake regular checks on the quality of the data we hold and will ask you at regular intervals to confirm your basic information, such as name, address, date of birth, ethnicity etc. is right. We may also take part in Information Quality Assurance Assessments with our partner organisations to ensure we deliver improvements in the quality of information we record about you. 5

6 Types of Information Service User Information When you make use of any of the Trust s services, it is important we have information about you in order to ensure you get the care and/or treatment appropriate to your needs. This information helps to ensure you receive the best possible care. It may be written down (manual/ paper records) or held on a computer. This will form what is called a health record commonly defined as a record consisting of information about the physical or mental health of an individual made by, or on behalf of, a health/social care professional in connection with the care of that individual. The type of information kept includes: Basic details such as name, date of birth, address, next of kin, ethnicity, disability, sexuality and gender Contacts we have had with you Notes and reports about your health and any treatment and care you need Details and records about the treatment and care you receive Results of any tests or investigations Relevant information from other health professionals, relatives or those who care for you How we use this information to help you Primarily this information is used to guide and administer the care you receive. It ensures that: All healthcare professionals involved in your care have accurate and up-to-date information We can contact you for appointments Information is available if you need to see another health professional within our Trust or be referred to a specialist in another part of the NHS We can assess the type and quality of care you receive Your concerns can be properly investigated if you need to complain 6

7 How we use this information to help the NHS We may also need to use your information to help the NHS. This includes: Looking after the health of the general public Being able to ensure your healthcare is paid for Ensuring our services meet patient needs Preparing statistics of NHS performance Reviewing the care provided to ensure it is of the highest standard Teaching and training healthcare professionals Conducting health research and development Auditing our services Where information is used for these purposes, we always take every care to ensure individuals cannot be identified. Anonymous statistical information may be shared with other organisations such as universities and research institutions where there is a legitimate interest. On some occasions, such as pre-screening for clinical research or the investigation/assessment into the provision of care or management of the Trust, it is not possible to use anonymous information and statutory authorities like the NHS Litigation Authority may want to see your records. Where this is the case and personal identifiable information is likely to be used and/or shared, we will ask your permission, unless the law requires us to share the information, when we will aim to advise you as soon as possible. Occasionally, we are asked to provide information to assist with training, education, research or audit. Any such requests are considered very carefully by the Trust s Caldicott Guardian (the officer with responsibility for safeguarding confidentiality) and information is usually provided in a form that does not identify individuals. If you wish to object to your records being made available during such activities, please notify the Trust. 7

8 Information Sharing We work as a partnership organisation for mental health services and may need to share some clinical information with other groups of professionals involved in the provision of care. Please be reassured, we will only use or pass on information where there is a genuine need for it. Your treatment and care may involve a team, which includes doctors, nurses, therapists, some administrative staff and other health and social care professionals, including your GP. Information about you may be shared to assist those who have an interest in your care or treatment. Your information will only be passed on to those who have a need-to-know and be shared in a secure manner. Your information may also be shared, subject to strict agreements describing how it will be used with: Social Services Local Authorities Voluntary Sector Providers Private Sector Providers We will not disclose your information to any other organisation without your permission unless there are exceptional circumstances, such as when the health or safety of yourself or others is at risk or where the law requires it to be passed on. We are required by law to report certain information to the appropriate authorities and occasions when this is the case include: Where we encounter infectious diseases which may endanger the safety of others such as meningitis or measles (but not HIV/ AIDS) Where a formal court order has been issued Where disclosure is necessary to protect either yourself or someone else from harm Whatever the reason for sharing information, we will ensure it is done so securely and lawfully. 8

9 Employee/Staff Information As an employee, or past employee of the Trust, we are obliged to retain information about you and your employment. This will include information such as your name, date of birth and address as well as more sensitive information such as your ethnicity, salary and bank details. We will also hold a personal file relating to your employment containing information about your absences and performance whilst an employee. These records may be written down (manual/ paper records) or held on a computer (electronic records). The content of your personal file will be retained securely by your Line Manager. However, in order to manage and administer your employment relevant information will be available to other departments such as Human Resources or Payroll. In addition, the Trust is obliged to provide various external bodies with some information such as HM Revenue and Customs, Pensions Agency etc. Your information will only be passed on to those who have a need-to-know and it will be shared in a secure manner, for example in the event of your employment transferring under TUPE regulations information will be shared with your new employer. How we use this information Primarily this information is used to administer your employment with us from recruitment to termination including pay, discipline, superannuation, work management, fitness to practice, professional registrations or other personnel matters. However, we may also need to use this information to help the NHS, including: NHS Reporting to the Department of Health or Strategic Health Authority Auditing our Services Where information is used for these purposes, we always take every care to ensure individuals cannot be identified. 9

10 Corporate Information Corporate records are records which relate to the corporate business of the Trust such as financial accounts, minutes and meeting papers, legal and other administrative documents. Corporate records may contain personal identifiable information, for example staff files or commercially sensitive information about the business of the Trust and such records are treated with the utmost care to their confidentiality and security. What is a Corporate Record? Corporate records can be made up of documents and records. These could be either in written/paper or electronic form. A document is defined as any item of information received or created by the Trust. A document is an evolving item of information which can be changed and is owned and managed by individuals e.g. working documents in draft form. A document or its contents could be held in any form or made up of any type e.g. text, image, video, audio, paper, electronic, physical (audio or video tape, architectural models etc.). Records are those documents which support and provide evidence of the activities of the Trust. They are the final versions of documents (master copy) and do not change e.g. policy documents, minutes of meetings. They are subject to retention periods to ensure information is retained only for as long as is necessary. How we use this information Corporate records are created in order to ensure that the Trust has the necessary information to deliver high quality services and provide evidence of their activities. It is the duty of each NHS body to establish and keep in place arrangements for the purposes of monitoring and improving the quality of health and social care provided by and for that body. 10

11 Access to Personal Information held by the Trust What are my rights? The Data Protection Act 1998, Access to Health Records Act 1990, Human Rights Act and the common law duty of confidence, all protect your privacy and your information. Under the Data Protection Act 1998 you have the right to apply for access to your records; this is known as a Subject Access Request or SAR. This applies to all records kept about you no matter when they were made. The Act relates to all organised identifiable information about living people, in all formats and regardless of how much of it there is. In the event that you wish to access health records relating to an individual who has passed away, the Access to Health Records Act 1990 would apply. The provisions are very similar to those in the Data Protection Act 1998 however, there are regulations surrounding who can make such a request as the information continues to be held under a duty of confidentiality. How do I apply? Applications to access records must be made in writing and sent to the Information Rights Office. You will be asked to provide evidence of your identity. How long will it take? We have an obligation to provide access to records within 40 calendar days, slightly less for those made under the Access to Health Records Act. This time period starts after we have received everything we need to process your request. How will my records be shown to me? When you make your application, you will be asked to confirm whether you want to view your records or receive copies. Viewings will take place at a mutually agreed date/time or photocopies can be sent to you. 11

12 Can someone else ask for my records? Your solicitor/representative, friend or family member can make the request for you. They will be required to provide your written authority/consent for us to liaise with and share this information with them on your behalf. Can I change my records? Where you consider there are inaccuracies on the record, you can ask the Trust to reconsider the entry and either make an amendment or add a note to the records stating your opinion. The Information Rights Department can advise you on this. What will it cost? For access to personal information (not including health records), a small administrative charge of 10 will be applied to each request. For access to health records the cost is dependent on when your records were last added to or an entry made within them and can range from nothing to a maximum of 50. Can I be refused access? It is very unlikely that you would be refused access to information about yourself. However, the Trust is obliged to approach any third parties who may have supplied information, such as relatives, private healthcare providers or other organisations, including those who have given references for employment purposes, and request their permission before passing this information to you. When asking for health records, there is a possibility that access will be refused or limited to only part of the records if: Your health professional thinks you or someone else could be harmed as a result; The information relates to, or was provided by, an identified individual apart from you or a health professional who has not given their permission to its release; or You are applying on behalf of someone who has died or is no longer capable of managing their own affairs but who originally gave the information on the understanding that it wouldn t be revealed later. 12

13 Access to Corporate Information held by the Trust The Freedom of Information Act and other related legislation, such as the Environmental Information Regulations 2000, came into force in 2005 and provides the right to request information from public authorities. The aim of the legislation is to promote trust and confidence in our public services, including the NHS, by providing clear information and being open about what we do. Will I be able to get access to all the Trust s information? The right to obtain information may be limited by some exemptions which are listed within the Act. The effect of the exemptions is that we may not be able to supply all or part of the information requested. If possible, we will supply the information requested with the exemption information removed. What information is already available? Our Publication Scheme is a complete guide to the information we hold and describes what is routinely published by us. It can be found on our website at If you do not have access to the internet, a copy of the Scheme can also be obtained from: Can I get access to information about myself or other patients? The Freedom of Information Act does not change the right of individuals to protect their confidentiality. Maintaining this right is an important commitment for us as an NHS Trust and, therefore, this type of information cannot be released under the Freedom of Information Act and requests received would be considered under the Data Protection Act The FOI Office St Michaels House St Michaels Road Sittingbourne ME10 3DW How can I apply for information under the Freedom of Information Act? You must make your request in writing including your name and a contact address so that we can respond to you. You do not need to tell us why you want the information but we will need enough information from you to correctly identify and find what you are looking for. Your request should be sent to: 13

14 How quickly must the information be provided to me? 2 The information must be provided within 20 working days. This time begins on the day your request has been received by the Trust Is there a charge for the information to be supplied? Ordinarily we will not charge to supply you with information however, the Act sets out an appropriate limit on the time spent to respond to a request for information. If we believe that this limit may be exceeded by the work required to retrieve or collate the information requested, we may choose to either refuse to continue with the request or charge for the information to be supplied. We will notify you as soon as possible if this is the case. How do I query any refusal to provide the information I have requested? If the Trust has refused to provide information, it will have also advised you of its reasons for doing so. If you do not agree with these reasons, you may apply to the FOI Office for an internal review of these reasons by an independent person. If you remain dissatisfied, you can also apply to the Complaints Manager to challenge the decision, see the section entitled Compliments, Complaints and Appeals. If you are still unhappy after your internal review and complaint have been concluded, you can contact the Information Commissioner. The Information Commissioner may order the disclosure if he feels that the refusal was not justified. 14

15 Compliments, Complaints and Appeals We are always looking at ways to improve our communication and the services provided by the Trust. As a result, you may find that you are asked to complete or take part in a satisfaction survey. We welcome your feedback and encourage the completion of such surveys if they are received. If you would like to request a decision to be reconsidered or make an appeal against the outcome of a request for information, please write to: The Information Rights Manager St Michaels House St Michaels Road Sittingbourne ME10 3DW If you would like to raise a concern or make a complaint about the way in which your enquiry has been handled or about our Publication Scheme, these should be made in writing and in the first instance addressed to: The Complaints Manager Trust Headquarters Farm Villa Hermitage Lane Maidstone Kent ME16 9PH You are also free to contact the Information Commissioner directly for advice or guidance or to further your concerns. They have responsibility for ensuring organisations comply with the legislation surrounding accessing both corporate and personal information and can be contacted at: The Information Commissioner Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Tel: Further Information If you have any questions that this booklet does not answer for you, or would like to know more about Information Governance and how it affects you please contact the Information Rights Department on or write to us at St Michaels House, St Michaels Road, Sittingbourne ME10 3DW To ensure security and confidentiality, we are unable to give out identifiable information over the telephone and appreciate your understanding of this. KM

HOW WE USE YOUR PERSONAL INFORMATION

HOW WE USE YOUR PERSONAL INFORMATION HOW WE USE YOUR PERSONAL INFORMATION Information Leaflet Your Health. Our Priority. Page 2 of 9 Introduction This Leaflet explains why the NHS collects information about you and how it is used, your right

More information

Patient Information Whose information is it anyway? Your health records

Patient Information Whose information is it anyway? Your health records Patient Information Whose information is it anyway? Your health records Derriford Hospital Derriford Road Plymouth PL6 8DH Tel: 0845 155 8155 www.plymouthhospitals.nhs.uk Your health record We ask you

More information

The Care Record Guarantee Our Guarantee for NHS Care Records in England

The Care Record Guarantee Our Guarantee for NHS Care Records in England The Care Record Guarantee Our Guarantee for NHS Care Records in England January 2011, version 5 Introduction In the National Health Service in England, we aim to provide you with the highest quality of

More information

The Care Record Guarantee Our Guarantee for NHS Care Records in England

The Care Record Guarantee Our Guarantee for NHS Care Records in England The Care Record Guarantee Our Guarantee for NHS Care Records in England Introduction In the National Health Service in England, we aim to provide you with the highest quality of healthcare. To do this,

More information

Quick guide to the employment practices code

Quick guide to the employment practices code Data protection Quick guide to the employment practices code Ideal for the small business Contents 3 Contents Section 1 About this guidance 4 Section 2 What is the Data Protection Act? 5 Section 3 Recruitment

More information

Guidance for Access to Health Records Requests under the Data Protection Act 1998

Guidance for Access to Health Records Requests under the Data Protection Act 1998 Guidance for Access to Health Records Requests under the Data Protection Act 1998 Version 1 July 2002 Version 2 June 2003 Guidance for Access to Health Records Requests under the Data Protection Act 1998

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 003115/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 29 May 2013 Request under the Freedom of Information

More information

Information Governance Policy

Information Governance Policy Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its

More information

SUBJECT ACCESS REQUEST

SUBJECT ACCESS REQUEST DATA PROTECTION ACT 1998 SUBJECT ACCESS REQUEST Procedure Manual 1 Invest NI Subject Access Request Procedure Manual 1. Introduction 1.1 What is a Subject Access Request? 1.2 Routine Requests 1.3 What

More information

Information Sharing Policy

Information Sharing Policy Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed

More information

Information Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016

Information Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016 Information Assurance Policies and Guidance Information Governance Policy Document Version: v0.5 Review Date: 1 May 2016 Owner: Information Governance Manager 1 P a g e Document History Revision Version

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 007907/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 04 November 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Introduction The Data Protection Act 1998 gives individuals the right to know what personal information is held about them. It provides a framework to ensure that the Office of the

More information

Guidance for Access to Health Records Requests

Guidance for Access to Health Records Requests Guidance for Access to Health Records Requests February 2010 1 DH INFORMATION READER BOX Policy HR / Workforce Management Planning / Clinical Document Purpose Gateway Reference Title Estates Commissioning

More information

Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015

Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015 Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015 1. Introduction and Scope 1.1 The Data Protection Act 1998 is the law that protects personal privacy and applies to any school

More information

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy

More information

Schedule 10 Provisions Governing the Relationship between NHS Work, Private Practice and Fee Paying Services

Schedule 10 Provisions Governing the Relationship between NHS Work, Private Practice and Fee Paying Services Schedule 10 Provisions Governing the Relationship between NHS Work, Private Practice and Fee Paying Services 1. This Schedule should be read in conjunction with the Code of Conduct for Private Practice,

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 010870/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 06 December 2013 Request under the Freedom

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 002172/14 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 25 April 2014 Request under the Freedom of

More information

HERTSMERE BOROUGH COUNCIL

HERTSMERE BOROUGH COUNCIL HERTSMERE BOROUGH COUNCIL DATA PROTECTION POLICY October 2007 1 1. Introduction Hertsmere Borough Council ( the Council ) is fully committed to compliance with the requirements of the Data Protection Act

More information

Access to Health Records

Access to Health Records Access to Health Records Crown Heights Medical Centre Procedure Access to Health Records ACCESS TO MEDICAL RECORDS (DATA PROTECTION) POLICY INTRODUCTION The Access to Health Records Act 1990 gave individuals

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 002085/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 20 April 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Version: 1.0 Date: October 2013 Table of Contents 1 Introduction The need for a Data Protection Policy... 3 2 Scope... 3 3 Principles... 3 4 Staff Roles & Responsibilities... 4 5

More information

CORK INSTITUTE OF TECHNOLOGY

CORK INSTITUTE OF TECHNOLOGY CORK INSTITUTE OF TECHNOLOGY DATA PROTECTION POLICY APPROVED BY GOVERNING BODY ON 30 APRIL 2009 INTRODUCTION Cork Institute of Technology is committed to a policy of protecting the rights and privacy of

More information

Halton Borough Council. Privacy Notice

Halton Borough Council. Privacy Notice Halton Borough Council Privacy Notice Halton Borough Council is registered as a data controller under the Data Protection Act as we collect and process personal information about you. The information we

More information

Child and Adult Services Subject Access Requests Guidance

Child and Adult Services Subject Access Requests Guidance Child and Adult Services Subject Access Requests Guidance This Guidance is not applicable to Access to Information requests about Adoption. For requests about Adoption please consult the Adoption and Children

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 002425/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 5 May 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of Information

More information

Southmead and Henbury Family Practice Patient Access to Medical Records - Information Leaflet

Southmead and Henbury Family Practice Patient Access to Medical Records - Information Leaflet Patient Access to Medical Records - Information Leaflet Access to Health Records under the Data Protection Act 1998 The Data Protection Act 1998 gives every living person, or an authorised representative,

More information

INFORMATION GOVERNANCE STRATEGY

INFORMATION GOVERNANCE STRATEGY INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying

More information

Your Ref: Our Ref. Date: 19 June 2014

Your Ref: Our Ref. Date: 19 June 2014 Policy and Corporate Support Adrian Gowan Policy and Corporate Support Manager Please ask for: Adrian Gowan Direct Line: (01322) 343418 Direct Fax: E-mail: adrian.gowan@dartford.gov.uk Your Ref: Our Ref

More information

Privacy Policy. January 2014

Privacy Policy. January 2014 Privacy Policy January 2014 Privacy Policy Introduction This policy explains your rights as an individual when using services provided by Her Majesty s Passport Office. Our commitment to you Her Majesty

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 002464/14 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 08 May 2014 Request under the Freedom of Information

More information

WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY

WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY Version 3.0 DATA PROTECTION ACT 1998 POLICY CONTENTS 1. INTRODUCTION... 3 2. PROVISIONS OF THE ACT... 4 3. SCOPE... 4 4. GENERAL POLICY STATEMENT...

More information

Contents. Section/Paragraph Description Page Number

Contents. Section/Paragraph Description Page Number - NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICA CLINICAL NON CLINICAL - CLINICAL CLINICAL Complaints Policy Incorporating Compliments, Comments,

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 000880/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 28 February 2013 Request under the Freedom

More information

SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager

SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY Report to the Trust Board 22 September 2015 Sponsoring Director: Author: Purpose of the report: Key Issues and Recommendations: Director

More information

PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE

PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE ADOPTED ON 9 th January 2008 TABLE OF CONTENTS Page No. 1 Introduction...3 2 Glossary...3 3 Types of Personal Data held by Us...3 4 Obligations

More information

Data Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website

Data Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website Data Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website Date created: November 2015 Date for review: July 2016 Created by: Mark Vanstone,

More information

Data Subject Access Request Procedure

Data Subject Access Request Procedure Data Subject Access Request Procedure Policy ID IG07 Version: 2.0 Ratified by: Executive Committee Name of originator/author: Justin Dix, Governing Body Secretary Name of responsible committee/individual:

More information

Research Governance Standard Operating Procedure

Research Governance Standard Operating Procedure Research Governance Standard Operating Procedure The Management and Use of Research Participant Data for Secondary Research Purposes SOP Reference: Version Number: 01 Date: 28/02/2014 Effective Date: Review

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 000520/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 3 April 2013 Request under the Freedom of

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title

More information

Complaints Procedure for Health Services A Patient s Guide Help Us to Help You

Complaints Procedure for Health Services A Patient s Guide Help Us to Help You Department of Health and Social Care Rheynn Slaynt as Kiarail y Theay National Health Service Complaints Procedure for Health Services A Patient s Guide Help Us to Help You May 2015 NH15 A Patient s Guide

More information

Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information

Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information INTRODUCTION Privacy legislation establishes legal privacy rights for individuals and sets enforceable

More information

The Chafford School. Data Protection and Freedom of Information Policy

The Chafford School. Data Protection and Freedom of Information Policy The Chafford School Data Protection and Freedom of Information Policy INDEX Aims & Objectives... 3 Data Protection The law... 3 Processing, storing, archiving and deleting personal data: Guidance... 3

More information

Human Resources and Data Protection

Human Resources and Data Protection Human Resources and Data Protection Contents 1. Policy Statement... 1 2. Scope... 2 3. What is personal data?... 2 4. Processing data... 3 5. The eight principles of the Data Protection Act... 4 6. Council

More information

Environmental Information Regulations POLICY STATEMENT

Environmental Information Regulations POLICY STATEMENT Environmental Information Regulations POLICY STATEMENT Implementation Date: 1 February 2014 Next review Date: 1 February 2016 DOCUMENT CONTROL Document History Version Date Changes 2.00 18 November 2013

More information

Subject Access Request Policy

Subject Access Request Policy Subject Access Request Policy Version Version 4.0 Ratified By Date Ratified 24th February 2015 Author(s) Responsible Committee / Officers Date Issue February 2015 Quality, Performance and Finance Committee

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 006253/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 07 October 2015 Request under the Freedom

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 003668/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 9 July 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of Information

More information

FREEDOM OF INFORMATION REQUEST

FREEDOM OF INFORMATION REQUEST FREEDOM OF INFORMATION REQUEST Request Number: F-2013-05371 Keyword: Operational Policing Subject: Unmanned Aerial Systems (UAS) Purchased By PSNI 2012-2013 Request and Answer: Question 1 The number of

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 000498/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 18 February 2013 Request under the Freedom

More information

Data Protection Act a more detailed guide

Data Protection Act a more detailed guide Data Protection Act a more detailed guide What does the Act do? The Data Protection Act 1998 places considerable duties on organisations which process personal data; increases the rights of access by data

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 007228/12 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 14 January 2013 Request under the Freedom

More information

Data Protection and Data security Policy

Data Protection and Data security Policy Data Protection and Data security Policy Statement of policy and purpose of Policy 1. Somer Valley Community Radio Ltd (the Employer) is committed to ensuring that all personal information handled by us

More information

Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015

Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015 Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015 Aim of the Session Identify legal and ethical problems that may be encountered when providing

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY Version 8.0 Purpose: For use by: This document is compliant with /supports compliance with: To outline the lifecycle of a record and to provide guidance on retention and disposal

More information

Subject Access Request, Procedure, Guidance and Information

Subject Access Request, Procedure, Guidance and Information Subject Access Request, Procedure, Guidance and Information Updated: July 2015 Page 1 of 61 CONTENTS 1. Introduction 5 2. Legal Context 5 3. Subject Access Request to Personal Records Guidance 6 Guidance

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Version: V1 Ratified by: Operational Management Executive Committee Date ratified: 26 September 2013 Name and Title of originator/author(s): Chris Brady, FOI, Data Protection and

More information

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE

More information

Policies and Procedures

Policies and Procedures NHS Blood and Transplant Policies and Procedures Information Charter [POL13] 2 Policy Reference Title Approved by This document replaces version issued June 2008 [POL13] NHSBT Information Charter Information

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:

More information

CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH

CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH These notes are designed to be used in conjunction with the core training PowerPoint slides. The purpose of the

More information

Policy Document Control Page

Policy Document Control Page Policy Document Control Page Title Title: Data Protection Policy Version: 3 Reference Number: CO59 Keywords: Data, access, principles, protection, Act. Data Subject, Information Supersedes Supersedes:

More information

Freedom of Information Policy Version 6.0

Freedom of Information Policy Version 6.0 Freedom of Information Policy Lead executive Name / title of author: Date reviewed: September 2015 Chief Nurse, Executive Director for Risk and Governance Colin Owen, Information Governance and Data Security

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review

More information

Bupa Schools Scheme Looking after what s most important

Bupa Schools Scheme Looking after what s most important Provided by Bupa Schls Scheme Lking after what s most important bupa.co.uk/schlscheme The subscription rate is 67.50 per child each term and applies for membership year 1 September 2015 to 31 August 2016.

More information

Data Protection Policy

Data Protection Policy Data Protection Policy 1. Introduction to the Data Protection Policy Everyone who works for Chorley Council uses personal data in the course of their duties. Chorley Council must gather and process personal

More information

ADMINISTRATION SERVICES MANAGER

ADMINISTRATION SERVICES MANAGER JOB DESCRIPTION TITLE: LOCATION: DEPARTMENT: REPORTING TO: RESPONSIBLE FOR: ADMINISTRATION SERVICES MANAGER Highgate Private Hospital General Operations General Operations Manager Outpatients Administration,

More information

Information Governance Framework. June 2015

Information Governance Framework. June 2015 Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review

More information

Your duties as a registrant. How to complete your continuing professional development profile

Your duties as a registrant. How to complete your continuing professional development profile Your duties as a registrant How to complete your continuing professional development profile Contents About this document 1 Section 1: Submitting your CPD profile 2 Auditing the CPD of health and care

More information

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt QUEENSLAND COUNTRY HEALTH FUND privacy policy Queensland Country Health Fund Ltd ABN 18 085 048 237 better health cover shouldn t hurt 1 2 contents 1. Introduction 4 2. National Privacy Principles 5 3.

More information

CBHS HEALTH FUND LIMITED PRIVACY POLICY

CBHS HEALTH FUND LIMITED PRIVACY POLICY 1. Policy Statement CBHS Health Fund Limited ABN 87 087 648 717 (CBHS) is committed to maintaining the privacy of individuals whose information we collect in accordance with the Australian Privacy Principles

More information

Job Description. Line Management of a small team of staff administrating and managing patient and professional feedback and incidents.

Job Description. Line Management of a small team of staff administrating and managing patient and professional feedback and incidents. Job Description Job Title Pay Band Base Dept./Team Responsible to Accountable to Responsible for Complaints, Incidents and Governance Manager New Alderley House, Macclesfield Eastern Cheshire Clinical

More information

North East Ambulance Service NHS Foundation Trust. Job Description

North East Ambulance Service NHS Foundation Trust. Job Description North East Ambulance Service NHS Foundation Trust Job Description Job Title Patient Experience Clerk A4C Band 3 Accountability Complaints Manager Directorate Clinical Care and Patient Safety Date September

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 005851/12 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 1 November 2012 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 002793/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 23 April 2013 Request under the Freedom of

More information

What you should know about Data Quality. A guide for health and social care staff

What you should know about Data Quality. A guide for health and social care staff What you should know about Data Quality A guide for health and social care staff Please note the scope of this document is to provide a broad overview of data quality issues around personal health information

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 000803/14 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 19 March 2014 Request under the Freedom of

More information

Information Governance

Information Governance Information Governance What you will learn in this session? 1. Principles of Information Governance and their application to health and social care organisations 2. Accessing Information Governance resources

More information

1. JOB PURPOSE 2. KEY ACCOUNTABILITIES PRINCIPAL DUTIES:

1. JOB PURPOSE 2. KEY ACCOUNTABILITIES PRINCIPAL DUTIES: Job Title: Location/Base: Dept.: Reporting to: Pharmacy Technician Claremont Hospital Pharmacy Pharmacy Manager 1. JOB PURPOSE The Pharmacy Technician, as part of a dedicated team, plays a key role in

More information

ROYAL AUSTRALASIAN COLLEGE OF SURGEONS

ROYAL AUSTRALASIAN COLLEGE OF SURGEONS 1. SCOPE This policy details the College s privacy policy and related information handling practices and gives guidelines for access to any personal information retained by the College. This includes personal

More information

Guidance on health and character

Guidance on health and character Guidance on health and character Who is this document for?... 2 About the structure of this document... 2 Section 1: Introduction... 4 About us (the HPC)... 4 How we are run... 5 About registration...

More information

Request under the Freedom of Information Act 2000 (FOIA)

Request under the Freedom of Information Act 2000 (FOIA) Our Ref: 006685/12 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 17 December 2012 Request under the Freedom

More information

Rick Parsons Information Governance Officer County Hall 01865 323593 rick.parsons@oxfordshire.gov.uk

Rick Parsons Information Governance Officer County Hall 01865 323593 rick.parsons@oxfordshire.gov.uk Rick Parsons Information Governance Officer County Hall 01865 323593 rick.parsons@oxfordshire.gov.uk 1 THE DATA PROTECTION ACT 1998 2 Requirements of the Act Roles & Responsibilities Best Practice 3 The

More information

Information Handling Policy

Information Handling Policy Information Handling Policy February 2015 Page 1 1. Introduction 1.1 About Bupa In this document, we, us, our and Bupa refers to Bupa Australia Pty Ltd (ABN 81 000 057 590) and its related entities and

More information

Access to Information: Data Protection and Freedom of Information

Access to Information: Data Protection and Freedom of Information Access to Information: Data Protection and Freedom of Information Records Management Section Data protection: key concepts Personal data Sensitive personal data Data subjects Data protection principles

More information

JOB DESCRIPTION. Enhanced CRB with Both Barred Lists Check

JOB DESCRIPTION. Enhanced CRB with Both Barred Lists Check JOB DESCRIPTION JOB TITLE: Service Manager (Access) BAND: Agenda for Change Band (Band 8b) HOURS AND: DURATION As specified in the job advertisement and the Contract of Employment AGENDA FOR CHANGE (reference

More information

Questions and answers for custodians about the Personal Health Information Privacy and Access Act (PHIPAA)

Questions and answers for custodians about the Personal Health Information Privacy and Access Act (PHIPAA) Questions and answers for custodians about the Personal Health Information Privacy and Access Act (PHIPAA) This document provides answers to some frequently asked questions about the The Personal Health

More information

JOB DESCRIPTION. Information Governance Manager

JOB DESCRIPTION. Information Governance Manager JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Policy Details Produced by Assistant Principal Information Systems Date produced Approved by Senior Leadership Team (SLT) Date approved July 2011 Linked Policies and Freedom of Information

More information

POLICY & PROCEDURES INFORMATION & CLIENT RECORD MANAGEMENT

POLICY & PROCEDURES INFORMATION & CLIENT RECORD MANAGEMENT POLICY & PROCEDURES INFORMATION & CLIENT RECORD MANAGEMENT March 2015 Table of Contents INFORMATION & CLIENT RECORDS MANAGEMENT POLICY #01... 4 PRIVACY POLICY... 4 POLICY STATEMENT... 4 PROCEDURE... 5

More information

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy. Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review

More information

Health Information Manager Health Information and Quality Authority

Health Information Manager Health Information and Quality Authority CANDIDATES INFORMATION BOOKLET PLEASE READ CAREFULLY The Health Information and Quality Authority (HIQA) is undertaking a competition for the purpose of identifying suitable candidates for appointment

More information

WSIC Integrated Care Record FAQs

WSIC Integrated Care Record FAQs WSIC Integrated Care Record FAQs How your information is shared now Today, all the places where you receive care keep records about you. They can usually only share information from your records by letter,

More information