CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH"

Transcription

1 CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH These notes are designed to be used in conjunction with the core training PowerPoint slides. The purpose of the session is to provide induction level training in information governance for individual involved in routine access to personal healthcare information and records. The content of the slides relates to the general information that all employees should be presented with. However, the differing organisational requirements across institutions may mean that some slides will need to be adapted to reflect local information. How you choose to present this information is up to you you know your own training style and have better insight into what your audience wants and needs. If you have the time, feel free to add exercises, games, video clips, etc. Further training may be required by individual organisations. In keeping with the guidance offered in the Core Skills Framework, it is anticipated that this session should last for 45mins to 1hour. IG Trainer Notes March 2014 Page 1 of 29

2 SLIDE 1: Information Governance This is an opportunity for you to introduce yourself and explain how you intend to run the session. This will depend on your own training style, but you should consider: when and how you will take questions? e.g. - Do you want these as you proceed through the presentation or at the end? what activities will you use? In addition to presentation, will you have exercises, activities, assessment, etc.? what happens next? e.g. -. how will their attendance and any subsequent assessment be recorded? Please remember to update this slide to reflect local information. IG Trainer Notes March 2014 Page 2 of 29

3 SLIDE 2: What you will learn in this session This relates to both the National and Local learning outcomes that have been defined as part of the Core Skills project. To make this more user-friendly, these are articulated as what participants will learn and also mapped against the Core Skills Framework learning outcomes as indicated overleaf: IG Trainer Notes March 2014 Page 3 of 29

4 What participants will learn Core skills framework learning outcome Level 1: Learning Outcomes for all staff working in healthcare organisations Principles of Information Governance and Understand the principles of Information their application to healthcare Governance and how they apply in every day organisations working environments How to practice and promote a confidential service Understand within the context of their specific role how to provide a confidential service to patients and service users in line with the duty of confidentiality Know how to ensure and maintain good record keeping. Principles of ensuring and maintaining good Level client 1a: Additional records Learning Outcomes for staff/students involved in routine access to information Protection of individuals confidentiality and Understand fundamentals of data protection, the Caldicott principles confidentiality and the Caldicott Principles Healthcare organisation s responsibilities Recognising & responding to Freedom of Information requests **Principles of ensuring and maintaining good client records Keeping Information Secure Information Governance resources including national legislation, guidance and local policies & procedures Understand the responsibilities of healthcare organisations under the Freedom of Information Act 2000 Understand individual responsibilities in responding to a Freedom of Information request Understand the principles of good record keeping. Understand, within the context of their role, how they can apply and maintain information security guidelines. Know where they can gain local access to policies, procedures and further information on Information Governance. IG Trainer Notes March 2014 Page 4 of 29

5 SLIDE 3: What is Information Governance Explain how Information Governance refers to how both employees and organisations handle information. Provide lots of different examples of the type of information this may include. Explain how good information governance practice will hopefully ensure the necessary safeguards for, and appropriate use of patient and service user s personal and sensitive information as well as the health and social care organisations records. This is a good opportunity to introduce the idea that there has to be an appropriate balance between the protection of the patient/ service users personal and particularly sensitive information and the obvious need for appropriate sharing of information to ensure high quality care delivery. Begin to introduce the principle of confidentiality. IG Trainer Notes March 2014 Page 5 of 29

6 SLIDE 4: What is Information Governance? This is similar to the above but allows you to expand on the principle of a framework. The Information Governance Framework for health and social care is formed by those elements of law and policy from which applicable information governance standards are derived, and the activities and roles which individually and collectively ensure that these standards are clearly defined and met. NHS Connecting for Health (2013). The central focus of information governance is how personal and sensitive information about patients and service users is managed from conception to destruction. Remember to inform participants that information governance applies tocorporate/organisations governance information. Discuss that it applies to information and the processing of information. The principles and framework for information governance are applied in the same way to: NHS Trusts (Acute, Paediatric, Mental Health Community) Foundation Trusts Independent sector NHS providers (through contractual arrangements) IG Trainer Notes March 2014 Page 6 of 29

7 SLIDE 5: What is Information? This slide if fairly self explanatory. Ask participants to provide further examples. Discuss where the information can be found. Ask participants for examples Health records, case notes, doctors, nurse, paramedic notes. Prescriptions. Databases, post it notes. It is important to introduce here that organisations are also responsible for their employee s personal data. What about HR files? Interview notes. Disciplinary procedures and notes. Corporate or organisation may include details of estates contracts, minutes of meetings. Notes that people take down at meetings in the wrong hands could be very damaging. IG Trainer Notes March 2014 Page 7 of 29

8 SLIDE 6: Why is Information Governance so important It s important both ethically and legally. There are many laws, principles, policies and procedures that have been developed in order to protect individuals including patients, service users and employees. However if followed correctly these will also guide and protect public organisations. IG Trainer Notes March 2014 Page 8 of 29

9 SLIDE 7: Why is Information Governance so important? It s important both ethically and legally. There are many laws, principles, policies and procedures that have been developed in order to protect individuals including patients, service users and employees. However if these are followed correctly it will also guide and protect public organisations. IG Trainer Notes March 2014 Page 9 of 29

10 SLIDE 8: Why is Information Governance so important? It s important both ethically and legally. There are many laws, principles, policies and procedures that have been developed in order to protect individuals including patients, service users and employees. However if followed correctly these will also guide and protect public organisations. The NHS Chief Executive has made it clear that ultimate responsibility for information governance in the NHS rests with the board of each NHS organisation (for staff new to the NHS you may need to explain who the board is and also their role). Each organisation is required to have a board-level Senior Information Risk Owner (SIRO) and a senior Information Asset Owner should be designated for every separate database or other major information asset. The SIRO Is accountable Fosters a culture for protecting and using data Provides a focal point for managing information risks and incidents Is concerned with the management of all information assets The SIRO s role is different to the Caldicott guardian (see below for role of the Caldicott Guardian). IG Trainer Notes March 2014 Page 10 of 29

11 The SIRO however does have to closely with the Caldicott Guardian and consult him/her where appropriate when conducting information risk reviews for assets which comprise or contain patient information. SLIDE 9: Information Governance requirements for health & social care organisations This slide is about how information is handled which is the key element of Information Governance. Introduce here the HORUS model developed by the Department of Health for managing information. IG Trainer Notes March 2014 Page 11 of 29

12 SLIDE 10: The Law and Information Governance Firstly discuss the differences between Common law and legislation (Acts of Parliament). Common law is not written out in one document like an Act of Parliament. It is a form of law based on previous court cases decided by judges; hence, it is also referred to as 'judgemade' or case law. The law is applied by reference to those previous cases, so common law is also said to be based on precedent. Introduce each point separately. Common Law of Confidentiality: Taken from Department of Health 2013 The general position is that if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot normally be disclosed without the information provider's consent. In practice, this means that all patient information, whether held on paper, computer, visually or audio recorded, or held in the memory of the professional, must not normally be disclosed without the consent of the patient. It is irrelevant how old the patient is or what the state of their mental health is; the duty still applies. Three circumstances making disclosure of confidential information lawful are: where the individual to whom the information relates has consented; where disclosure is in the public interest; and where there is a legal duty to do so, for example a court order. IG Trainer Notes March 2014 Page 12 of 29

13 Computer Misuse Act: It is an offence to access or attempt to access computer information without appropriate authorisation. Data Protection Act: The Data Protection Act controls how an individual s personal information is used by organisations including health and social care organisations. Everyone who is responsible for using data has to follow strict rules called data protection principles. They must make sure the information is: used fairly and lawfully used for limited, specifically stated purposes used in a way that is adequate, relevant and not excessive accurate kept for no longer than is absolutely necessary handled according to people s data protection rights kept safe and secure not transferred outside the UK without adequate protection There is stronger legal protection for more sensitive information, such as: ethnic background political opinions religious beliefs health sexual health criminal records The Human Rights Act: The Human Rights Act 1998 (also known as the Act or the HRA) came into force in the United Kingdom in October It is composed of a series of sections that have the effect of codifying the protections in the European Convention on Human Rights into UK law. All public bodies (such as courts, police, local governments, hospitals, publicly funded schools, and others) and other bodies carrying out public functions have to comply with the Convention rights. This means, among other things, those individuals can take human rights cases in domestic courts; they no longer have to go to Strasbourg to argue their case in the European Court of Human Rights. The Act sets out the fundamental rights and freedoms that individuals in the UK have access to. Freedom of Information Act: IG Trainer Notes March 2014 Page 13 of 29

14 The Freedom of Information Act gives individual the right to ask any public sector organisations including health and social care organisations for all the recorded information they have on any subject. Anyone can make a request for information there are no restrictions on your age, nationality or where you live. A request will be handled under the Data Protection Act if they ask for information about themselves. SLIDE 11: Standards, Policies & Codes of Practice IG Trainer Notes March 2014 Page 14 of 29

15 SLIDE 12: Always follow the Caldicott The Caldicott Principles are legal and must be applied. IG Trainer Notes March 2014 Page 15 of 29

16 SLIDE 13: Caldicott Guardians The Caldicott Guardian Is advisory Is the conscience of the organisation Provides a focal point for patient confidentiality & information sharing issues Is concerned with the management of patient information IG Trainer Notes March 2014 Page 16 of 29

17 SLIDE 14: Subject Access Requests This is a request from an individual l who wants to view the personal information that is held about them. Patients and service users may request to see their health and social care records Employees may request to see their HR records. There is a formal process which organisations should have in place to provide this information. IG Trainer Notes March 2014 Page 17 of 29

18 SLIDE 15: What is a Freedom of Information Request? Appropriate to emphasise here the difference between the Data Protection Act principles and Freedom of Information Act. Individuals have the right of access to information about them ('personal data'), which is held on computer, and in some paper files, under the Data Protection Act The Freedom of Information Act extended this right to allow the public to access to all other types of information held. That is non- personal public authority information. Provide more examples that might cause a stir! E.g. work s, handover notes, off duty rotas. The Act does, however, set out some exemptions to this right and it also places a number of obligations on public authorities about the way in which they provide information. Subject to the exemptions anyone making a request has the right to be told whether information exists and the right to receive the information. In general, a response must be provided within 20 working days. There is also a duty on public authorities to provide advice or assistance to anyone seeking information (for example in order to explain what is readily available or to clarify what is wanted). Summarise that the Act gives individual s the right to access/view all non-personal public authority information upon request; Emphasise that requests must be in writing. IG Trainer Notes March 2014 Page 18 of 29

19 Ask the group who their FOI Lead is. If they don t know discuss how they could find out. Provide some possible examples of exemptions. FOI Lead will decide. This could be made more real and interesting by demonstrating how participants have rights regards to information that may affect them and how they can access non personal information that may be affecting their personal lives. Organisations could face financial penalties if they don t comply or if they are in breech of the Act Slide 16: Can you recognise a Freedom of Information Request? IG Trainer Notes March 2014 Page 19 of 29

20 SLIDE 17: Your duty of Confidence The emphasis here is on ensuring participants understand they have a legal duty of confidence. This is a common law and statutory legal duty as well as a professional duty. IG Trainer Notes March 2014 Page 20 of 29

21 SLIDE 18: Duty of Confidence IG Trainer Notes March 2014 Page 21 of 29

22 SLIDE 19: Good Quality Record Keeping The emphasis here must be on the importance of producing good quality information and records. Talk about the principles applying to both records that are hand written and electronically produced. Emphasis with examples should be placed on how poor quality record keeping can place patients & service users, employees and organisations at risk. Poor quality records or inaccurate information put patients/service users at risk. Emphasis on factual information that is clearly written, concise, complete as well as legible. Have personal details changed? Highlight risks with duplicated records. One set may not be up to date. Crucial information could be missed. Refer students to Professional Standards of Practice and NHS guidance. Good record keeping is also essential in case of requests under the Data Protection Act or the Freedom of Information Act. IG Trainer Notes March 2014 Page 22 of 29

23 SLIDE 20: Good Quality Record Keeping IG Trainer Notes March 2014 Page 23 of 29

24 SLIDE 21: Information Security Information security is a very contemporary topic. Concerns about public sector data protection have resulted in the Government directing a range of standards for managing information risk, an important element of information governance. These standards are reflected within the NHS Information Governance Toolkit which can be accessed from https://www.igt.connectingforhealth.nhs.uk/ There have been some significant breeches by high profile public figures. Provide some examples of recent breeches participants may have heard of. Discuss how they could have been avoided. What errors were behind these breeches? Simple actions can keep information secure and confidential. Some discussion here about local records management arrangements, and local processes such as your Safe Haven process. Discuss again the Department of Health, Records Management NHS Code of Practice guidance. Remember simple actions will keep information secure and confidential. However, it is also simple and thoughtless actions which often result in breeches of confidentiality. IG Trainer Notes March 2014 Page 24 of 29

25 SLIDE 22: Information Security A serious matter You should particularly highlight that the organisations may use surveillance methods to check that the use of any information and systems are being appropriately used. Learners need to appreciate that they have a legal responsibility to ensure the appropriate access and use of information and systems, and any failure by them could result in disciplinary and legal action So information Security is a serious matter. IG Trainer Notes March 2014 Page 25 of 29

26 SLIDE 23: Your responsibilities IG Trainer Notes March 2014 Page 26 of 29

27 SLIDE 24: Useful sources of information SLIDE 25: Acknowledgements IG Trainer Notes March 2014 Page 27 of 29

28 SLIDE 26: Thank you and any Questions Remember to leave some time at the end for questions and answers. Use this as an opportunity to remind them who you are and where they can go for extra information. IG Trainer Notes March 2014 Page 28 of 29

29 IG Trainer Notes March 2014 Page 29 of 29

Information Governance

Information Governance Information Governance What you will learn in this session? 1. Principles of Information Governance and their application to health and social care organisations 2. Accessing Information Governance resources

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Version: V1 Ratified by: Operational Management Executive Committee Date ratified: 26 September 2013 Name and Title of originator/author(s): Chris Brady, FOI, Data Protection and

More information

Policy Document Control Page

Policy Document Control Page Policy Document Control Page Title Title: Data Protection Policy Version: 3 Reference Number: CO59 Keywords: Data, access, principles, protection, Act. Data Subject, Information Supersedes Supersedes:

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:

More information

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title

More information

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing

More information

Information Governance Strategy 2015/16

Information Governance Strategy 2015/16 Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal

More information

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid. Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,

More information

Merthyr Tydfil County Borough Council. Data Protection Policy

Merthyr Tydfil County Borough Council. Data Protection Policy Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the

More information

Information Governance Policy

Information Governance Policy Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its

More information

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version: 3.2 Authorisation Committee: Date of Authorisation: May 2014 Ratification Committee Level 1 documents): Date of Ratification Level 1 documents): Signature of ratifying

More information

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy. Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review

More information

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Final No impact Document Ratified/Approved By Hartlepool

More information

The Leeds Teaching Hospitals NHS Trust. Research & Development Department DATA PROTECTION IN RESEARCH GUIDANCE NOTES FOR RESEARCHERS

The Leeds Teaching Hospitals NHS Trust. Research & Development Department DATA PROTECTION IN RESEARCH GUIDANCE NOTES FOR RESEARCHERS The Leeds Teaching Hospitals NHS Trust Research & Development Department DATA PROTECTION IN RESEARCH GUIDANCE NOTES FOR RESEARCHERS 1. Introduction The Research Governance Framework for Health & Social

More information

INFORMATION GOVERNANCE STRATEGY NO.CG02

INFORMATION GOVERNANCE STRATEGY NO.CG02 INFORMATION GOVERNANCE STRATEGY NO.CG02 Applies to: All NHS LA employees, Non-Executive Directors, secondees and consultants, and/or any other parties who will carry out duties on behalf of the NHS LA.

More information

INFORMATION RISK MANAGEMENT POLICY

INFORMATION RISK MANAGEMENT POLICY INFORMATION RISK MANAGEMENT POLICY DOCUMENT CONTROL: Version: 1 Ratified by: Steering Group / Risk Management Sub Group Date ratified: 21 November 2012 Name of originator/author: Manager Name of responsible

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version

More information

Information Governance Strategy. Version No 2.0

Information Governance Strategy. Version No 2.0 Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent

More information

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):

More information

Information Governance Policy

Information Governance Policy Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

The EDGE 2014 User Conference Information Governance Workshop

The EDGE 2014 User Conference Information Governance Workshop The EDGE 2014 User Conference Information Governance Workshop Monday 17 th March 2014 Debbie Terry Agenda What is Information Governance? New developments in legislation Your questions answered Caldicott

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting

More information

Policy Document Control Page

Policy Document Control Page Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):

More information

Information Governance Policy

Information Governance Policy Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version

More information

Information Governance Framework and Strategy. November 2014

Information Governance Framework and Strategy. November 2014 November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY ENFIELD CLINICAL COMMISSIONING GROUP INFORMATION GOVERNANCE POLICY PLEASE DESTROY ALL PREVIOUS VERSIONS OF THIS DOCUMENT Enfield CCG Information Governance Policy Information Governance Policy (Policy

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date

More information

INFORMATION GOVERNANCE POLICY & FRAMEWORK

INFORMATION GOVERNANCE POLICY & FRAMEWORK INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:

More information

Information Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff.

Information Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff. Information Governance Policy 1 SUMMARY This policy is intended to ensure that staff are fully aware of their Information Governance (IG) responsibilities, so that they can effectively manage and best

More information

Data Protection Policy

Data Protection Policy Data Protection Policy April 2014 Author: Jennifer McLaren, Assistant Principal, Curriculum Support & Finance Impact Assessment Date: 15 February 2010 Date: April 2014 Contents 1 Purpose... 2 2 Policy...

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September

More information

NHS Commissioning Board: Information governance policy

NHS Commissioning Board: Information governance policy NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy To whom this document applies: All Trust staff, including agency and contractors Procedural Documents Approval Committee Issue Date: January 2010 Version 1 Document reference:

More information

Information Governance Framework

Information Governance Framework Information Governance Framework Authorship: Chris Wallace, Information Governance Manager Committee Approved: Integrated Audit and Governance Committee Approved date: 11th March 2014 Review Date: March

More information

WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY

WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY WEST LOTHIAN COUNCIL DATA PROTECTION ACT 1998 POLICY Version 3.0 DATA PROTECTION ACT 1998 POLICY CONTENTS 1. INTRODUCTION... 3 2. PROVISIONS OF THE ACT... 4 3. SCOPE... 4 4. GENERAL POLICY STATEMENT...

More information

Record keeping. Guidance for nurses and midwives

Record keeping. Guidance for nurses and midwives Record keeping Guidance for nurses and midwives 1 We are the nursing and midwifery regulator for England, Wales, Scotland, Northern Ireland and the Islands. We exist to safeguard the health and wellbeing

More information

Data Protection Policy

Data Protection Policy Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and

More information

NHS Waltham Forest Clinical Commissioning Group Information Governance Policy

NHS Waltham Forest Clinical Commissioning Group Information Governance Policy NHS Waltham Forest Clinical Commissioning Group Information Governance Policy Author: Zeb Alam & David Pearce Version 3.0 Amendments to Version 2.1 Updates made in line with National Guidance and Legislation

More information

HOW WE USE YOUR PERSONAL INFORMATION

HOW WE USE YOUR PERSONAL INFORMATION HOW WE USE YOUR PERSONAL INFORMATION Information Leaflet Your Health. Our Priority. Page 2 of 9 Introduction This Leaflet explains why the NHS collects information about you and how it is used, your right

More information

SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager

SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY Report to the Trust Board 22 September 2015 Sponsoring Director: Author: Purpose of the report: Key Issues and Recommendations: Director

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Owner : Head of Information Management Document ID : ICT-PL-0099 Version : 2.0 Date : May 2015 We will on request produce this Policy, or particular parts of it, in other languages

More information

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3

More information

Information Governance Policy (incorporating IM&T Security)

Information Governance Policy (incorporating IM&T Security) (incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

Non ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3

Non ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3 Paper 9 Non ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3 Please ensure that all THREE pages of this contract are returned to: Information Governance Manager, Health Informatics, Chertsey House, St Peter

More information

2. Scope 2.1 This policy covers all the activities and processes of the University that uses personal information in whatever format.

2. Scope 2.1 This policy covers all the activities and processes of the University that uses personal information in whatever format. University of Westminster Personal Data Protection Policy For Compliance with the Data Protection Act 1998 1. Background 1.1 The Data Protection Act 1998 (DPA) defines personal data as data and information

More information

JOB DESCRIPTION. Information Governance Manager

JOB DESCRIPTION. Information Governance Manager JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure

More information

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy

More information

Information Governance policy

Information Governance policy Information Governance policy Key Points Information is a vital asset, both in terms of the clinical management of individual patients and the efficient management of services and resources throughout

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact

More information

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE. Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5

More information

Policies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1

Policies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1 Policies for: Information Governance Information Quality Information Management Information Security Approved by: None this version Date approved: Name of originator/author: Ade Oduntan, Mike Hellier,

More information

Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015

Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015 Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015 1. Introduction and Scope 1.1 The Data Protection Act 1998 is the law that protects personal privacy and applies to any school

More information

A Question of Balance

A Question of Balance A Question of Balance Independent Assurance of Information Governance Returns Audit Requirement Sheets Contents Scope 4 How to use the audit requirement sheets 4 Evidence 5 Sources of assurance 5 What

More information

POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES

POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES January 2003 CONTENTS Page 1. POLICY FRAMEWORK 1.1 Introduction 1 1.2 Policy Statement 1 1.3 Aims of the Policy 1 1.4 Principles

More information

Corporate ICT & Data Management. Data Protection Policy

Corporate ICT & Data Management. Data Protection Policy 90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control

More information

Scottish Rowing Data Protection Policy

Scottish Rowing Data Protection Policy Revision Approved by the Board August 2010 1. Introduction As individuals, we want to know that personal information about ourselves is handled properly, and we and others have specific rights in this

More information

Information Sharing Policy

Information Sharing Policy Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed

More information

INFORMATION GOVERNANCE STRATEGY

INFORMATION GOVERNANCE STRATEGY INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups

More information

USE OF PERSONAL MOBILE DEVICES POLICY

USE OF PERSONAL MOBILE DEVICES POLICY Policies and Procedures USE OF PERSONAL MOBILE DEVICES POLICY Date Approved by Information Strategy Group Version Issue Date Review Date Executive Lead Information Asset Owner Author 15.04.2014 1.0 01/08/2014

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY MILNBANK HOUSING ASSOCIATION DATA PROTECTION POLICY LS/NOV.2011/REF.P14 1) INTRODUCTION Milnbank Housing Association recognises that the Data Protection Act 1998 is an important piece of legislation to

More information

Information Governance Policy

Information Governance Policy Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring

More information

Information governance

Information governance Information governance Staff handbook RDaSH 88 02 Information governance Introduction to information governance Overview 88 03 Information governance or IG - includes information security and confidentiality,

More information

North Cumbria University Hospitals NHS Trust - FoI 000999 Enclosure 01. Job Description

North Cumbria University Hospitals NHS Trust - FoI 000999 Enclosure 01. Job Description 1. JOB DETAILS Job Description Job title: Head of Communications and Reputation Management Accountable to: Director of Strategic Planning and Clinical Governance Location: Trust-wide across both hospital

More information

Barnet Partnership Information Sharing Protocol

Barnet Partnership Information Sharing Protocol Barnet Partnership Information Sharing Protocol Information Sharing Protocol V1_0C - FINAL Page 1 of 52 Version 1.0 (FINAL) Contents 1 Background... 4 1.1 The need to share information... 4 2 Scope...

More information

Information Management Policy CCG Policy Reference: IG 2 v4.1

Information Management Policy CCG Policy Reference: IG 2 v4.1 Information Management Policy CCG Policy Reference: IG 2 v4.1 Document Title: Policy Information Management Document Status: Final Page 1 of 15 Issue date: Nov-2015 Review date: Nov-2016 Document control

More information

Bulk Data Transfer Guidelines

Bulk Data Transfer Guidelines Bulk Data Transfer Guidelines This procedural document supersedes: CORP/ICT 20 v.1 Bulk Data Transfer. Did you print this document yourself? The Trust discourages the retention of hard copies of policies

More information

Data protection policy

Data protection policy Data protection policy Introduction 1 This document is the data protection policy for the Nursing and Midwifery Council (NMC). 2 The Data Protection Act 1998 (DPA) governs the processing of personal data

More information

Information Governance. and what it means for you

Information Governance. and what it means for you Information Governance and what it means for you 1 Content Introduction 3 Who are we? 4 What is Information Governance? 4 Purpose of Holding Information 5 Confidentiality and Security 5 Accuracy of Information

More information

HERTSMERE BOROUGH COUNCIL

HERTSMERE BOROUGH COUNCIL HERTSMERE BOROUGH COUNCIL DATA PROTECTION POLICY October 2007 1 1. Introduction Hertsmere Borough Council ( the Council ) is fully committed to compliance with the requirements of the Data Protection Act

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route

More information

Scanning of Physical Documentation Policy

Scanning of Physical Documentation Policy Scanning of Physical Documentation Policy DOCUMENT CONTROL: Version: 1 Ratified by: Risk Management Sub Group Date ratified: 17 February 2016 Name of originator/author: Records Manager Name of responsible

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath

More information

1. Introduction... 3. 2. Statement of Policy. 3. 3. The Eight Principles of Data Protection... 4. 4. Scope... 5. 5. Roles and Responsibilities.

1. Introduction... 3. 2. Statement of Policy. 3. 3. The Eight Principles of Data Protection... 4. 4. Scope... 5. 5. Roles and Responsibilities. Data Protection Policy 2011 Contents Page 1. Introduction... 3 2. Statement of Policy. 3 3. The Eight Principles of Data Protection...... 4 4. Scope.... 5 5. Roles and Responsibilities. 5 6. Development

More information

Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015

Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015 Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015 Aim of the Session Identify legal and ethical problems that may be encountered when providing

More information

Information Governance Strategy :

Information Governance Strategy : Item 11 Strategy Strategy : Date Issued: Date To Be Reviewed: VOY xx Annually 1 Policy Title: Strategy Supersedes: All previous Strategies 18/12/13: Initial draft Description of Amendments 19/12/13: Update

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended

More information

Information Governance Plan

Information Governance Plan Information Governance Plan 2013 2015 1. Overview 1.1 Information is a vital asset, both in terms of the clinical management of individual patients and the efficient organisation of services and resources.

More information

Data Protection Policy

Data Protection Policy Data Protection Policy 1. Introduction to the Data Protection Policy Everyone who works for Chorley Council uses personal data in the course of their duties. Chorley Council must gather and process personal

More information

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic

More information

The Manitowoc Company, Inc.

The Manitowoc Company, Inc. The Manitowoc Company, Inc. DATA PROTECTION POLICY 11FitzPatrick & Associates 4/5/04 1 Proprietary Material Version 4.0 CONTENTS PART 1 - Policy Statement PART 2 - Processing Personal Data PART 3 - Organisational

More information

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY Moorland is committed to ensuring that, as far as it is reasonably practicable, the way we provide services to the public and the way we treat

More information

D-CRIS Information Governance Assurance

D-CRIS Information Governance Assurance D-CRIS Information Governance Assurance Date: 05 08 2013 Version: 1.0 Author: Murat Soncul Contents 1. Introduction... 3 2. CRIS Security Model... 3 3. SLaM Information Governance Framework... 4 4. Roles

More information

CORK INSTITUTE OF TECHNOLOGY

CORK INSTITUTE OF TECHNOLOGY CORK INSTITUTE OF TECHNOLOGY DATA PROTECTION POLICY APPROVED BY GOVERNING BODY ON 30 APRIL 2009 INTRODUCTION Cork Institute of Technology is committed to a policy of protecting the rights and privacy of

More information

JOB DESCRIPTION. Enhanced CRB with Both Barred Lists Check

JOB DESCRIPTION. Enhanced CRB with Both Barred Lists Check JOB DESCRIPTION JOB TITLE: Service Manager (Access) BAND: Agenda for Change Band (Band 8b) HOURS AND: DURATION As specified in the job advertisement and the Contract of Employment AGENDA FOR CHANGE (reference

More information

RECORDS MANAGEMENT FRAMEWORK

RECORDS MANAGEMENT FRAMEWORK RECORDS MANAGEMENT FRAMEWORK Policy Number: 253 Supersedes: Standards For Healthcare Services No/s 1, 19, 20 Version No: Date Of Review: Reviewer Name: 1.1 Nov 2011 Alison Gittins 1.2 Mar 2015 Alison Gittins

More information