Personal Data Handling and Sharing Policy
|
|
- Francis Logan
- 8 years ago
- Views:
Transcription
1 Personal Data Handling and Sharing Policy Originator Richard Gibson Date 20 June 2012 Verifier Lynda Oliver Date 20 June 2012 Reviewed Richard Gibson, Lynda Oliver Date July 2013
2 Contents Page 1. Introduction 2. Purpose of the Policy 3. Responsibilities 4. Data Gathering 5. Use of Data 6. Patient Rights 7. Sharing of Data 8. Scope 9. Procedures 10. Approval
3 Personal Data Handling and Sharing Policy 1. Introduction The Outside Clinic has an obligation to define the requirements for how we process data and how it is handled within the organisation structure. 2. Purpose of the Policy The purpose of this Policy is to define why data is collected, how it is used and how data is kept confidential. It also sets out the parameters for all employees of The Outside Clinic who are involved in how to share patient identifiable/sensitive information outside the organisation. 3. Responsibilities The Data Controller is responsible for keeping patient information confidential. The Data Controller is the Head Of Operations. 4. Data Gathering The Outside Clinic keeps records about patient s health and any treatment and care that is provided. These records help to ensure that we deliver the best possible care. The records may be written down (manual records) or held on computer. These records may include: Basic details about the patient such as address, date of birth. Contact we have had with the patient such as eye and hearing examinations. Notes and reports of the patient s health. Details and records about the patient s treatment and care. Some of this information will be held centrally to be used for statistical purposes. In these instances we take strict measures to ensure that individual patients cannot be identified. The information will only be used with their consent, unless the law requires us to pass on this information. 5. Use of Data Patient records are stored so that they can be used to guide and administer the care that is provided to them. Our medical professionals involved in their care has accurate and up-to-date information to assess their health and decide on the most appropriate care for them. Patient concerns will be fully investigated if a complaint is raised. The Outside Clinic will ensure that the appropriate information is available if the patient attends another medical professional or they are referred to a specialist, their GP or another part of the NHS or similar organisation. 6. Patient Rights Patients have a right of access to the information that we hold about them. The information can be provided by the patient making a request in writing to the Data Controller. We are required to respond within 40 days. The patient will need to give The Outside Clinic adequate information to ensure that the patient s identity can be verified.
4 7. Sharing of Data It is the Policy of The Outside Clinic to share patient information appropriately in order to ensure seamless and appropriate care for patients. Every member of staff has a contractual obligation to pass on or share patient identifiable information safely and securely. The Outside Clinic acknowledges that patients have a right to be aware when their data is being shared. If the sharing does not contribute to, or support the delivery of their care, then it may be that their written consent will be required. The sharing will be carried out in a safe environment and within the constraints of the Data Protection Act 1998, the Data Protection Principles and the Caldicott Principles. 8. Scope This Policy applies to all patient identifiable or The Outside Clinic sensitive information, be it manual or electronic, that is being shared or is planned to be shared with another organisation or individual. 9. Procedures Postal Security Envelopes should be securely sealed, clearly addressed to a known contact and marked confidential and addressee only. A return to sender address should also be marked on the envelope Telephone Security Telephone validation or callback procedures should be followed before disclosing information to someone you do not know to confirm their identity and authorisation. Fax Machine Security All fax machines, which could receive patient information when unsupervised, must be in an area that could be locked so that unauthorised staff or the general public cannot gain access to them. Confidential information should only be sent by fax where absolutely necessary. If you do send information that identifies a patient, always send a cover sheet with the fax, which contains a statement This fax is confidential and is intended for the person whom it is addressed. When faxing patient information, steps must be taken to minimise the risk of miss dialling. Pre-programmed dialling is recommended and you should never dial from memory. Never send a fax to an unsupervised machine, unless it is designated safe haven or secure. Make sure that an appropriate person is available to receive that fax. It is good practice to make sure after sending the fax that the right person has received it. Confidential information sent via fax should be accompanied by a phone call to the recipient. Coded numbers should be used instead of names/address wherever possible. The data should be anonymised where possible and kept to a minimum. Security ing patient confidential information is only permitted if it is encrypted or where system-to-system networks are known to be secure or by use of an NHS net address.
5 Using Anonymised or Pseudonymised Information Anonymising data means to remove factors that would enable an individual to be identified and is the method to be used for the sharing of bulk data. Pseudonymisation is the process of applying a pseudonym to replace person identifiable information and can be used with certain IT programs when transferring information concerning individuals. Encryption All portable media etc (laptops, data sticks) that are to be used for the downloading of patient identifiable/sensitive information must be: o o Manager. Supplied by The Outside Clinic. Encrypted. Any enquiries about encryption should be addressed to the Hardware and Network Data Sharing Examples of data sharing are: Patient data returns to the NHS England and Health Authorities. Communications with GP Practices. Copies of records being supplied to other hospitals taking over the care of the patient because, for example, the patient has moved. Outsourcing initiatives. Clinical audit or research. Patient information being shared with other health care agencies. Staff and Training Reference to Data Sharing is part of Information Governance training that takes place at induction and at mandatory updates. 10. Approval This policy has been approved by the undersigned and will be reviewed on an annual basis. Originator: Richard Gibson Date: 20 June 2012 Verifier: Lynda Oliver Date: 20 June 2012 Authoriser: Richard Gibson Date: 20 June 2012
Safe Haven Procedure. Final. Date Issued March 2009 Review Date March 2010 NHS East Midland Employees. Safe Haven Procedure: v1.
Safe Haven Procedure Final Version 1.0 (Final) Ratified By Executive Team Originator/Author Fabian Henderson Date Issued March 2009 Review Date March 2010 Target NHS East Midland Employees Safe Haven Procedure:
More informationSafe Haven Policy. Equality & Diversity Statement:
Title: Safe Haven Policy Reference No: 010/IT Owner: Deputy Chief Officer Author Information Governance Lead First Issued On: November 2012 Latest Issue Date: March 2015 Operational Date: March 2015 Review
More informationThe Leeds Teaching Hospitals NHS Trust. Research & Development Department DATA PROTECTION IN RESEARCH GUIDANCE NOTES FOR RESEARCHERS
The Leeds Teaching Hospitals NHS Trust Research & Development Department DATA PROTECTION IN RESEARCH GUIDANCE NOTES FOR RESEARCHERS 1. Introduction The Research Governance Framework for Health & Social
More informationPersonal data - Personal data identify an individual. For example, name, address, contact details, date of birth, NHS number.
Background The Data Protection Act 1998 i came into force in March 2000 and is followed by all NHS employed staff via their policies and procedures. The act applies to all personal, identifiable information
More informationNon ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3
Paper 9 Non ASPH Trust Staff - DATA ACCESS REQUEST Page 1/3 Please ensure that all THREE pages of this contract are returned to: Information Governance Manager, Health Informatics, Chertsey House, St Peter
More informationSecure Transfer of Information Guidance for staff
Secure Transfer of Information Guidance for staff Document number CCG.GOV.013.1.1 Version: 1.1 Ratified by: NHS Bury CCG Quality and Risk Committee Date ratified: 8 th January 2014 Name of originator /author
More informationSecure Storage, Communication & Transportation of Personal Information Policy Disclaimer:
Secure Storage, Communication & Transportation of Personal Information Policy Version No: 3.0 Prepared By: Information Governance, IT Security & Health Records Effective From: 20/12/2010 Review Date: 20/12/2011
More informationSafe Haven Procedure for the Secure Transmission of Personally Identifiable Information
Safe Haven Procedure for the Secure Transmission of Personally Identifiable Information Im&t directorate\policies\approved ig policiesprocedures.1 Index 1. Purpose... 3 2. Introduction... 3 3. Scope...
More informationInformation Governance
Information Governance Information for Patients Information Governance (IG) Contents: Identifying the IG Lead for the Practice. This identifies the main people responsible for Information Governance Policy.
More informationMobility and Young London Annex 4: Sharing Information Securely
Young London Matters April 2009 Government Office For London Riverwalk House 157-161 Millbank London SW1P 4RR For further information about Young London Matters contact: younglondonmatters@gol.gsi.gov.uk
More informationOxCCARE Information Governance Policy
OxCCARE Information Governance Policy Introduction: This document is intended to act as a practical guide to information governance (IG) for all research, audit, quality improvement and service evaluation
More informationInformation Governance
Information Governance Safe Haven Procedures; Guidance for all BHR CCG Staff Fax Machines Email Postage Telephone Conversations Fax Machines Confidential information faxed in emergency situations only
More informationPortable Devices and Removable Media Acceptable Use Policy v1.0
Portable Devices and Removable Media Acceptable Use Policy v1.0 Organisation Title Creator Oxford Brookes University Portable Devices and Removable Media Acceptable Use Policy Information Security Working
More informationDATA PROTECTION IT S EVERYONE S RESPONSIBILITY. An Introductory Guide for Health Service Staff
DATA PROTECTION IT S EVERYONE S RESPONSIBILITY An Introductory Guide for Health Service Staff 1 Message from Director General Dear Colleagues The safeguarding of and access to personal information has
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationHuman Resources Policy documents. Data Protection Policy
Policy documents Aims of the Policy apetito is committed to meeting its obligations under data protection law. As a business, apetito handles a range of Personal Data relating to its customers, staff and
More informationData Protection Policy
Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review
More informationDe-identification of Data using Pseudonyms (Pseudonymisation) Policy
De-identification of Data using Pseudonyms (Pseudonymisation) Policy Version: 2.0 Page 1 of 7 Partners in Care This is a controlled document. It should not be altered in any way without the express permission
More informationA Framework for the Safe and Secure Use & Management of Community Pharmacy NHSmail email including Generic Mailboxes
A Framework for the Safe and Secure Use & Management of Community Pharmacy NHSmail email including Generic Mailboxes Contents 1 Introduction 3 2 NHSmail Acceptable Use Policy 3 3 Objectives 4 4 General
More informationResearch Governance Standard Operating Procedure
Research Governance Standard Operating Procedure The Management and Use of Research Participant Data for Secondary Research Purposes SOP Reference: Version Number: 01 Date: 28/02/2014 Effective Date: Review
More informationyour hospitals, your health, our priority STANDARD OPERATING PROCEDURE: Safe Haven Procedure TW10-110 SOP 3 SOP NO: VERSION NO:
STANDARD OPERATING PROCEDURE: Safe Haven Procedure SOP NO: VERSION NO: APPROVING COMMITTEE: DATE THIS VERSION APPROVED: TW10-110 SOP 3 3 Information Governance Committee July 2013 RATIFYING COMMITTEE:
More informationData Transfer Policy. Data Transfer Policy London Borough of Barnet
Data Transfer Policy Data Transfer Policy London Borough of Barnet Document Control POLICY NAME Data Transfer Policy Document Description Policy surrounding data transfers (electronic and paper based).
More informationX NSW/ACT X NT X QLD X SA X TAS X VIC X WA
1. Please complete this form USING BLACK INK and write within the boxes in CAPITAL LETTERS. Mark appropriate answer boxes with a CROSS. Start at the left of each answer space and leave a gap between words.
More informationFindings from ICO audits and reviews of community healthcare providers. June 2013 to December 2014
Findings from ICO audits and reviews of community healthcare providers June 2013 to December 2014 Introduction The Information Commissioner s Office (ICO) is the regulator responsible for ensuring that
More informationINFORMATION GOVERNANCE STAFF HANDBOOK
INFORMATION GOVERNANCE STAFF HANDBOOK Contents Why do YOU need to know about Information Governance (IG)?... 2 Keeping Information Safe... 2 Confidentiality... 2 Deciding to Communicate Important Information...
More informationBulk Data Transfer Guidelines
Bulk Data Transfer Guidelines This procedural document supersedes: CORP/ICT 20 v.1 Bulk Data Transfer. Did you print this document yourself? The Trust discourages the retention of hard copies of policies
More informationPersonal Identifiable Data Security Policy
Personal Identifiable Data Security Policy Number: THCCGCG43 Version: 01 Executive Summary This Policy defines the Security requirements for all Staff involved in handling Person Identifiable Data (PID)
More informationHulme Hall Medical Group
Beacon Practice for Patient Online Hulme Hall Medical Group Fax and Emailing Handling Policy Written By: Joanne Revell Signed: Authorised by: Anna Webster Signed: Job Title: Practice Manager CQC Lead Effective
More informationPatient Information Whose information is it anyway? Your health records
Patient Information Whose information is it anyway? Your health records Derriford Hospital Derriford Road Plymouth PL6 8DH Tel: 0845 155 8155 www.plymouthhospitals.nhs.uk Your health record We ask you
More informationHow To Share Your Health Records With The National Health Service
HOW WE USE YOUR PERSONAL INFORMATION Information Leaflet Your Health. Our Priority. Page 2 of 9 Introduction This Leaflet explains why the NHS collects information about you and how it is used, your right
More informationAccess to Health Records
Access to Health Records Crown Heights Medical Centre Procedure Access to Health Records ACCESS TO MEDICAL RECORDS (DATA PROTECTION) POLICY INTRODUCTION The Access to Health Records Act 1990 gave individuals
More informationPolicy Name: Data Protection. Nominated Lead Member of Staff: ICT Manager. Status: Review Cycle: 2 Years. Authorisation: Governing Body
Policy Name: Data Protection Nominated Lead Member of Staff: ICT Manager Status: Review Cycle: 2 Years Authorisation: Governing Body Review Date: June 2017 Data Protection Policy The Governing Body of
More informationHealth and Social Care Information Centre
Health and Social Care Information Centre Information Governance Assessment Customer: Clinical Audit Support Unit of the Health and Social Care Information Centre under contract to the Royal College of
More informationInformation Governance Manual Training Booklet
Information Governance Manual Training Booklet Introduction This booklet is aimed at staff who do not access a computer whilst working for the Trust. If you have access to a computer, you must complete
More informationFISHER & PAYKEL PRIVACY POLICY
FISHER & PAYKEL PRIVACY POLICY 1. About this Policy Fisher & Paykel Australia Pty Limited (ABN 71 000 042 080) and its related companies ('we', 'us', 'our') understands the importance of, and is committed
More informationSafe and secure use of personal health information
Safe and secure use of personal health information Who is this leaflet for? This leaflet is for anyone who uses any of the services provided by the NHS in Scotland. It has been produced by Health Protection
More informationThe Care Record Guarantee Our Guarantee for NHS Care Records in England
The Care Record Guarantee Our Guarantee for NHS Care Records in England Introduction In the National Health Service in England, we aim to provide you with the highest quality of healthcare. To do this,
More informationINFORMATION MANAGEMENT & TECHNOLOGY SECURITY POLICY
Information Management & Technology Security Policy INFORMATION MANAGEMENT & TECHNOLOGY SECURITY POLICY POLICY NO IM&T 003 DATE RATIFIED October 2010 NEXT REVIEW DATE October 2013 POLICY STATEMENT/KEY
More informationBarnet Partnership Information Sharing Protocol
Barnet Partnership Information Sharing Protocol Information Sharing Protocol V1_0C - FINAL Page 1 of 52 Version 1.0 (FINAL) Contents 1 Background... 4 1.1 The need to share information... 4 2 Scope...
More informationData Encryption Policy
Data Encryption Policy Number: THCCGCG36 Version: 01 Executive Summary This Policy defines the Security requirements for data encryption upon laptops, physical media and Secure File Transfer within the
More informationCORPORATE TRAVEL MANAGEMENT PRIVACY POLICY
CORPORATE TRAVEL MANAGEMENT PRIVACY POLICY 1. About this Policy Corporate Travel Management Group Pty Ltd (ABN 52 005 000 895) (CTM) ('we', 'us', 'our') understands the importance of, and is committed
More informationDirect Recruitment Privacy Policy
Direct Recruitment Privacy Policy Direct Recruitment manages personal information in accordance with the Privacy Act 1988 and Australian Privacy Principles (APP). This policy applies to information collected
More informationData Transfer Policy London Borough of Barnet
London Borough of Barnet DATA PROTECTION 11 Document Control Document Description Data Transfer Policy Version v.2 Date Created December 2010 Status Authorisation Name Signature Date Prepared By: IS Checked
More informationTrust Informatics Policy. Information Governance. Secure Transfer of Information Policy
Trust Informatics Policy Information Governance Policy Reference: 3628 Document Title Author/Contact Document Reference 3628 Document Control Pauline Nordoff-Tate, Information Assurance Manager Document
More informationThe Newcastle upon Tyne Hospitals NHS Foundation Trust. Occupational Health Records Management and Retention Operational Policy
The Newcastle upon Tyne Hospitals NHS Foundation Trust Occupational Health Records Management and Retention Operational Policy Version No. 1.0 Effective From: 9 October 2013 Expiry Date: 30 September 2016
More informationInformation Governance and Risk Stratification: Advice and Options for CCGs and GPs
Information Governance and Risk Stratification: Advice and Options for CCGs and GPs 1 NHS England INFORMATION READER BOX Directorate Medical Operations Patients and Information Nursing Policy Commissioning
More informationInformation Security Policy. Appendix B. Secure Transfer of Information
Information Security Policy Appendix B Secure Transfer of Information Author: Data Protection and Information Security Officer. Version: 0.7 Date: March 2008 Document Control Information Document ID Document
More informationPOLICY DOCUMENT. Policy on Mobile / Portable Computing Devices and Data Security. Release: Final Date Created: 3 March 2009
POLICY DOCUMENT Policy on Mobile / Portable Computing Devices and Data Security Release: Final Date Created: 3 March 2009 Owner: David Priest Compiled by: David Priest Document Reference: Page 1 of 8 Printed:
More informationIntroduction to the NHS Information Governance Requirements
Introduction to the NHS Information Governance Requirements 2 Version April 2014 Information Governance ensures necessary safeguards for, and appropriate use of, patient and personal information. The widely
More informationThe Care Record Guarantee Our Guarantee for NHS Care Records in England
The Care Record Guarantee Our Guarantee for NHS Care Records in England January 2011, version 5 Introduction In the National Health Service in England, we aim to provide you with the highest quality of
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationInformation Governance Policy
Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its
More informationCOVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name
COVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name Introduction Removable Media and Mobile Device Policy Removable media and mobile devices are increasingly used to enable information access
More informationTenth Judicial Circuit of Florida Information Systems Acceptable Use Guidelines Polk, Hardee and Highlands Counties as of January 2014
Tenth Judicial Circuit of Florida Information Systems Acceptable Use s Polk, Hardee and Highlands Counties as of January 2014 The following guidelines define the acceptable use of information technology
More informationST IVES CHAMBERS POLICY ON THE COLLECTION AND USE OF DIVERSITY DATA
ST IVES CHAMBERS POLICY ON THE COLLECTION AND USE OF DIVERSITY DATA 1. This is the Data Diversity Policy for St Ives Chambers which is established in accordance with RC110 (section D1.2 Equality and diversity)
More informationData Protection Policy
Data Protection Policy Version: V1 Ratified by: Operational Management Executive Committee Date ratified: 26 September 2013 Name and Title of originator/author(s): Chris Brady, FOI, Data Protection and
More informationPRIVACY POLICY. comply with the Australian Privacy Principles ("APPs"); ensure that we manage your personal information openly and transparently;
PRIVACY POLICY Our Privacy Commitment Glo Light Pty Ltd A.C.N. 099 730 177 trading as "Lighting Partners Australia of 16 Palmer Parade, Cremorne, Victoria 3121, ( LPA ) is committed to managing your personal
More informationRemote Data Extraction Policy and Procedure
Remote Data Extraction Policy and Procedure Prepared by PRIMIS June 2015 The University of Nottingham. All rights reserved. Contents 1. Introduction... 3 2. Purpose and scope... 3 3. Policy Statement...
More informationBOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy
BOARD OF DIRECTORS PAPER COVER SHEET Meeting date: 22 February 2006 Agenda item:7 Title: Purpose: The Trust Board to approve the updated Summary: The Trust is required to have and update each year a policy
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1
Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees
More informationInformation Sharing Policy
Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed
More informationVersion: 2.0. Effective From: 28/11/2014
Policy No: OP58 Version: 2.0 Name of Policy: Anti Virus Policy Effective From: 28/11/2014 Date Ratified 17/09/2014 Ratified Health Informatics Assurance Committee Review Date 01/09/2016 Sponsor Director
More informationSECURITY POLICY REMOTE WORKING
ROYAL BOROUGH OF WINDSOR AND MAIDENHEAD SECURITY POLICY REMOTE WORKING Introduction This policy defines the security rules and responsibilities that apply when doing Council work outside of Council offices
More informationNHS HDL (2006)41 abcdefghijklm. = eé~äíü=aéé~êíãéåí= = aáêéåíçê~íé=çñ=mêáã~êó=`~êé=~åç=`çããìåáíó=`~êé
NHS HDL (2006)41 abcdefghijklm = eé~äíü=aéé~êíãéåí= = aáêéåíçê~íé=çñ=mêáã~êó=`~êé=~åç=`çããìåáíó=`~êé Dear Colleague NHSSCOTLAND INFORMATION SECURITY POLICY Summary 1. NHSScotland IT Security Policy was
More informationBEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE
GUIDANCE 1 TITLE: INFORMATION GOVERNANCE FRAMEWORK 2 POLICY AREA: INFORMATION GOVERNANCE 3 ACCOUNTABLE DIRECTOR FOR POLICY AREA: DIRECTOR OF QUALITY AND GOVERNANCE 4 GUIDANCE DRAFTED BY: INTEGRATED GOVERNANCE
More informationName of responsible committee: Information Governance Board Date issued: 15 th April 09 Review date: 14 th April 11 Referenced Documents:
Storage and Transfer of Person Identifiable Information Policy Trust Wide Policy number: ULH-IM&T-AUP03 Version: 1.1 New or Replacement: New Approved by: Executive Board Date approved: 14 th April 09 Name
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationLAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY
LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee
More informationRD SOP17 Research data management and security
RD SOP17 Research data management and security Version Number: V2 Name of originator/author: Dr Andy Mee, R&I Manager Name of responsible committee: R&I Committee Name of executive lead: Medical Director
More informationData Protection and Data security Policy
Data Protection and Data security Policy Statement of policy and purpose of Policy 1. Somer Valley Community Radio Ltd (the Employer) is committed to ensuring that all personal information handled by us
More informationSecurity Awareness. A Supplier Guide/Employee Training Pack. May 2011 (updated November 2011)
Security Awareness A Supplier Guide/Employee Training Pack May 2011 (updated November 2011) Contents/Chapters 1. How do I identify a DWP asset 2. Delivering on behalf of DWP - Accessing DWP assets 3. How
More informationInformation Governance Policy (incorporating IM&T Security)
(incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationThe Breastfeeding Network. Information Governance Policy
All correspondence to: The Breastfeeding Network PO Box 11126, Paisley PA2 8YB Tel: 0844 412 0995 e-mail: admin@breastfeedingnetwork.org.uk www.breastfeedingnetwork.org.uk The Breastfeeding Network Information
More informationScottish Rowing Data Protection Policy
Revision Approved by the Board August 2010 1. Introduction As individuals, we want to know that personal information about ourselves is handled properly, and we and others have specific rights in this
More informationINFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK
INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire
More informationInformation Security Policy for Associates and Contractors
Policy for Associates and Contractors Version: 1.12 Status: Issued Date: 30 July 2015 Reference: 61418080 Location: Livelink Review cycle: Annual Contents Introduction... 3 Purpose... 3 Scope... 3 Responsibilities...
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_D_19
Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility
More informationData Protection and Information Security Policy and Procedure
Data Protection and Information Security Policy and Procedure Document Detail Category: Data Protection Authorised By: Full Governing Body Author: School Business Manager Version: 1 Status: Approved May
More informationAccessing Personal Information on Patients and Staff:
Accessing Personal Information on Patients and Staff: A Framework for NHSScotland Purpose: Enabling access to personal and business information is a key part of the NHSScotland Information Assurance Strategy
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationInformation Governance
CONTROLLED Information Governance Caldicot Version-Workbok Non Caldicott Version - Workbook Version 12 January 2015 40 1 Don t Get Bitten by the Data Demon Notes Using this Workbook The objective of this
More informationCorporate Affairs Overview and Scrutiny Committee
Agenda item: 4 Committee: Corporate Affairs Overview and Scrutiny Committee Date of meeting: 29 January 2009 Subject: Lead Officer: Portfolio Holder: Link to Council Priorities: Exempt information: Delegated
More informationPART 1 PERSONAL AND CREDIT INFORMATION PRIVACY POLICY Document Purpose
Tyro Payments Privacy Policy Version 2.0 PART 1 PERSONAL AND CREDIT INFORMATION PRIVACY POLICY Document Purpose The purpose of this Privacy Policy is to provide a summary of how, why and when personal
More informationData and Information Security Policy
St. Giles School Inspire and achieve through creativity School Policy for: Date: February 2014 Data and Information Security Policy Legislation: Policy lead(s) The Data Protection Act 1998 (with consideration
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Policy for the electronic transfer of Person Identifiable Data - harmonised Version: 5 Reference Number: CO51 Supersedes Supersedes: 4 Description of Amendment(s):
More informationWe will not collect, use or disclose your personal information without your consent, except where required or permitted by law.
HSBC Privacy Notice HSBC's Privacy Principles HSBC Bank Canada is a subsidiary of HSBC Holdings plc which, together with its subsidiaries and affiliates, is one of the world s largest banking and financial
More informationPrivacy Policy. Board for Lutheran Education Australia. Policy. Purpose. Exclusion
Policy Relevant to Responsible officer Contact officer Authorisation Date introduced March 2014 Effective date of latest version March 2014 Next review date March 2017 Relevant legislation or source Board
More informationFDOH Information and Privacy Awareness Training Learner Course Guide
Florida Department of Health FDOH Information and Privacy Awareness Training Learner Course Guide To protect, promote & improve the health of all people in Florida through integrated state, county, & community
More informationOLD HALL SURGERY COMPLAINTS PROCEDURE (FORM 1)
(FORM 1) WE OPERATE A PRACTICE AS PART OF THE N.H.S. SYSTEM FOR DEALING WITH COMPLAINTS. OUR SYSTEM MEETS NATIONAL CRITERIA. OUR AIM IS TO GIVE YOU THE HIGHEST POSSIBLE STANDARD OF SERVICE AND WE TRY TO
More informationInformation Governance in Dental Practices. Summary of findings from ICO reviews. September 2015
Information Governance in Dental Practices Summary of findings from ICO reviews September 2015 Executive summary The Information Commissioner s Office (ICO) is the regulator responsible for ensuring that
More informationInformation Management for Medical Revalidation in England
Information Management for Medical Revalidation in England www.revalidationsupport.nhs.uk Contents Page 1. Introduction 3 2. Information flows 4 The doctor 5 The appraiser 5 The responsible officer 6 New
More informationDEBT COLLECTION COMPLAINT FORM FOR USE BY ADVICE AGENCIES AND OTHER THIRD PARTY ORGANISATIONS
In July 2003 we issued guidance on debt collection practices that we viewed as unfair. A copy of the OFT's Debt Collection Guidance can be downloaded from the OFT's website at www.oft.gov.uk. We would
More informationINFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK
INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic
More informationInformation Governance
Information Governance What you will learn in this session? 1. Principles of Information Governance and their application to health and social care organisations 2. Accessing Information Governance resources
More informationHealth Insurance Portability and Accountability Act (HIPAA) Overview
Health Insurance Portability and Accountability Act (HIPAA) Overview Agency, Contract and Temporary Staff Orientation Initiated: 5/04, Reviewed: 7/10, Revised: 10/10 Prepared by SHS Administration & Samaritan
More informationCase Recording Practice Adults Services
Case Recording Practice Adults Services Guidance on case recording practice and on document management Version: 3.3 Effective from: 1 st October 2014 Next review date: 1 st Nov 2015 Signed off by: Jenny
More informationNETWORK SECURITY POLICY
NETWORK SECURITY POLICY Policy approved by: Governance and Corporate Affairs Committee Date: December 2014 Next Review Date: August 2016 Version: 0.2 Page 1 of 14 Review and Amendment Log / Control Sheet
More informationINFORMATION SECURITY POLICY
INFORMATION SECURITY POLICY Policy approved by: Audit and Governance Committee Date: 4 th December 2014 Next Review Date: December 2016 Version: 1 Information Security Policy Page 1 of 17 Review and Amendment
More informationNHSScotland is improving the way it uses information from GP patient records.
NHSScotland is improving the way it uses information from GP patient records. It helps me. GP, Lanark. And us. SPI27400 8pp A5 leaflet.indd 1 31/07/2015 17:11 A change for the better. From Autumn 2015
More information