Information Governance in Commissioning. Mental Health Commissioners Collaborative
|
|
- Patricia Hardy
- 8 years ago
- Views:
Transcription
1 Information Governance in Commissioning Mental Health Commissioners Collaborative
2 Introduction David Stone Head of Information Governance Apira Limited
3 2011/12 Standard Terms and Conditions for Mental Health and Learning Disability Services Context Law/Contract Regulation Risk/Liability Contract compliance/assurance Incidents/Breaches Patient Identifiable Data/Secondary Use
4 Dear colleague Gateway Ref: We want to call your attention again to a significant change that came into force on 6 April 2010, which enables the ICO to order organisations to pay up to 500,000 as a penalty for serious breaches of the Data Protection Act Obviously we are all hoping that it will not be necessary for the enhanced powers to be exercised, but at present a significant percentage of all data breaches reported to the ICO relate to NHS organisations. The purpose of this letter is to outline the actions that we jointly recommend to ensure your systems and practices deliver adequate information governance and that commissioning criteria adequately reflect its importance. Nicholson, NHS CEO and Graeme, IC to all NHS CEOs, 05/09/11
5 Law/Contract Data Controller/Data Processor The Commissioner is a Data Controller in law (27.3) The Commissioner may be Data Controller Jointly or In-common, but remains legally liable, even after the end of the contract (for the data) The Information Commissioner will pursue the Data Controller in the event of a breach Service Level Agreements are not valid in law (unless bound in contract) The Data Protection Act (1998) trumps the NHS & Communities Act (1990)
6 Case Study In February 2011, London Boroughs of Hounslow and Ealing were fined 70,000 and 80,000 respectively under the Data Protection Act 1998 (DPA). The Monetary Penalty Notice (MPN) arose from the theft of two unencrypted laptops from an employee of Ealing Council. The laptops contained the personal data of approximately 1,000 Ealing service users and approximately 700 Hounslow service users. Hounslow were found to be in breach of the DPA because they had failed to have a valid legally contract in place with Ealing and because they had not monitored Ealing s operational compliance of their commissioned service.
7 Regulation Monitor Monitor would look to commissioners, the Information Centre and Information Commissioner to lead on policing IG at FTs and it is not our role to otherwise interpret information requirements. Only where other bodies have exhausted their powers would Monitor generally consider acting in the absence of other breaches of the authorisation. ( response 04/08/2011)
8 Regulation CQC The Commission uses the information from the Information Governance Toolkit in our Quality and Risk Profiles. Quality and Risk Profiles are an essential tool for providers, commissioners and our own staff in monitoring compliance with the essential standards of quality and safety. They help in assessing where risks lie and can play a key role in providers own internal monitoring as well as informing the commissioning of services. ( response 10/08/2011)
9 Regulation Department of Health The IGT is not a required central return as the Department of Health is just one, and not the main, interested party. The Department expects commissioners to drive improvements in provider information governance and to insist that their contractual requirement to publish an IGT assessment continues to be met.
10 Contract Compliance 27.2 Data Protection The Provider shall achieve a minimum level 2 performance against all requirements in the relevant NHS Information Governance Toolkit relevant to it. Where the Provider has not achieved level 2 performance by the Service Commencement Date, the co-ordinating Commissioner may, in its sole discretion, agree a plan with the Provider to enable the Provider to achieve level 2 performance within a reasonable time.
11 Risk/Liability IGT v8 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% 53% 68% 70% 68% 67% 39% 58% 75% 89% 80% Red = Unsatisfactory in IGT
12 Consent 9.1 Consent The Provider shall operate a Service User consent policy to comply with Good Clinical Practice, good Health and/or Social Care Practice and the Law NHS Care Record Guarantee Commitment 4 Legally, no-one else can make decisions on your behalf about sharing health information that identifies you. European WP29 Consent is recognised as an essential aspect of the fundamental right to the protection of personal data
13 Person Identifiable Information All health data is sensitive under the Data Protection Act SUS is only legal for limited use (S251) 18 weeks, PBr, planning care provision Contested payments/challenges New Safe Haven operation Pseudonymisation/secondary use
14 Not Applicable Contract Clauses The following clauses do not apply to data that comes with the scope of the Data Protection Act (1998) 15.5: Incident reporting 29, especially 29.9: require information Note: the contract cannot require the Provider to break the law There may be others in the schedules
15 Assurance Schedule 5 Independent audit of IGT self-assessment scores and information risk must be shared with the commissioner Information incident reporting (or as Schedule 7) in compliance with Gateway Information Lifecycle: what happens to the data at termination? (35/36) Clarification of the right to disclose confidential information (39.1.4) Transport of data using N3 Use of NHSmail
16 Conclusion The Commissioner is a Data Controller in law and legally liable for what happens to the data, even after the end of the contract A legally binding contract is required by law for every commissioned service The standard commissioning contract does not meet all legal requirements without additions in Schedule 5 The standard contract is not always correct when applied to information covered by the Data Protection Act All but one MHT in London failed to meet the standard required in contract
17
A Question of Balance
A Question of Balance Independent Assurance of Information Governance Returns Audit Requirement Sheets Contents Scope 4 How to use the audit requirement sheets 4 Evidence 5 Sources of assurance 5 What
More informationData Security and Extranet
Data Security and Extranet Derek Crabtree Schools ICT Support Manager derek.crabtree@merton.gov.uk Target Operating Model 2011 Merton Audit Organisation name: London Borough of Merton Periodic plan date:
More informationNHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT
NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT 9.7 Date of the meeting 15/07/2015 Author Sponsoring Clinician Purpose of Report Recommendation J Green - Head
More informationTERMS OF REFERENCE: REVIEW OF THE INFORMATION GOVERNANCE TOOLKIT
TERMS OF REFERENCE: REVIEW OF THE INFORMATION GOVERNANCE TOOLKIT The Information Governance Professional Leadership Group hosted by the NHS Commissioning Board is committed to conducting a strategic review
More informationWhen things go wrong: information governance breaches and the role of the ICO. David Evans, Senior Policy Officer
When things go wrong: information governance breaches and the role of the ICO David Evans, Senior Policy Officer Where it did go wrong NHS Surrey 200,000 MPN June 2013 The events leading up to the MPN
More informationNIGB. Information Governance Untoward Incident Reporting and Management Advice for Local Authorities
Information Governance Untoward Incident Reporting and Management Advice for Local Authorities March 2013 Contents Page 1. The Role of the NIGB.....3 2. Introduction...4 3. Background Information...6 4.
More informationDealing With Information Rights Concerns
I Data Protection Act How we deal with complaints and concerns A guide for data controllers 1 Data Protection Act How we deal with complaints and concerns The ICO is the UK s independent public authority
More informationInformation Governance Standards in Relation to Third Party Suppliers and Contractors
Information Governance Standards in Relation to Third Party Suppliers and Contractors Document Summary Ensure staff members are aware of the standards that should be in place when considering engaging
More informationSo the security measures you put in place should seek to ensure that:
Guidelines This guideline offers an overview of what the Data Protection Act requires in terms of information security and aims to help you decide how to manage the security of the personal data you hold.
More informationCentral London Community Healthcare NHS Trust. Data protection audit report
Central London Community Healthcare NHS Trust Data protection audit report Executive Summary July 2014 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with
More informationInformation Governance Framework
Information Governance Framework Authorship: Chris Wallace, Information Governance Manager Committee Approved: Integrated Audit and Governance Committee Approved date: 11th March 2014 Review Date: March
More informationGovernance. Information. Bulletin. Welcome to the nineteenth edition of the information governance bulletin
Welcome to the nineteenth edition of the information governance bulletin Our regular bulletin about information governance and the work of the IG transition programme Publication Gateway Reference: 02465
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationInformation Governance White Paper EDGE Programme
Information Governance White Paper EDGE Programme Forward Dear Subscriber The research landscape within the UK continues to evolve; from April 2014 we will see the formation of 15 Local Clinical Research
More informationData controllers and data processors: what the difference is and what the governance implications are
ICO lo : what the difference is and what the governance implications are Data Protection Act Contents Introduction... 3 Overview... 3 Section 1 - What is the difference between a data controller and a
More informationBirmingham Women s NHS Foundation Trust
Birmingham Women s NHS Foundation Trust Data protection audit report Executive summary January 2015 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with
More informationBarnsley Clinical Commissioning Group. Information Governance Policy and Management Framework
Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of
More informationData Protection Avoiding Information Commissioner Fines. Caroline Egan 5 June 2014
Data Protection Avoiding Information Commissioner Fines Caroline Egan 5 June 2014 Why is data protection a hot topic in pensions? Pension schemes hold large amounts of personal data Individuals more aware
More informationCorporate ICT & Data Management. Data Protection Policy
90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control
More informationFurther to reports to EAG in February and March 2014, the purpose of this report is to;
Report to: Trust Board of Directors Date of Meeting: 29 May 2014 Report Title: Annual Information Governance Report 13/14 Status: Mark relevant box with X Prepared by: Executive Sponsor (presenting): Appendices
More informationINFORMATION GOVERNANCE POLICY & FRAMEWORK
INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger
More informationInformation Governance Support Pack
PCTI Solutions Document Version: 0,1 19 February 2013 Pioneer Court, Pioneer Way, Whitwood, Castleford, West Yorkshire, WF10 5QU T: 01977 66 44 96 F: 01977 66 44 99 E: info@pcti.co.uk W: www.pcti.co.uk
More informationInformation Governance Strategy
Information Governance Strategy To whom this document applies: All Trust staff, including agency and contractors Procedural Documents Approval Committee Issue Date: January 2010 Version 1 Document reference:
More informationN3 Protecting the Network through Information Governance and Assurance
N3 Protecting the Network through Information Governance and Assurance NHS CFH Operational Security Team cfh.ost@nhs.net Introductions The NHS CFH Operational Security Team: Tony Hodgson Operational Security
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationINFORMATION SHARING AGREEMENT. Multi-Disciplinary Team (MDT): Service Information Sharing
INFORMATION SHARING AGREEMENT Multi-Disciplinary Team (MDT): Service Information Sharing SCOPE NAME OF LEAD Multi-Disciplinary Team (MDT) for high risk people: this agreement is for the patient and management
More informationIntroduction to the NHS Information Governance Requirements
Introduction to the NHS Information Governance Requirements 2 Version April 2014 Information Governance ensures necessary safeguards for, and appropriate use of, patient and personal information. The widely
More informationData Protection Policy
Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review
More informationCONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE
This document is uncontrolled once printed. Please check on the CCG s Intranet site for the most up to date version CONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE Document Title: Contracts
More informationInformation Governance Policy
Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups
More informationData Protection Audit Report - Southampton City Council
Southampton City Council Data protection audit report Executive summary March 2016 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data Protection
More informationAuditing data protection a guide to ICO data protection audits
Auditing data protection a guide to ICO data protection audits Contents Executive summary 3 1. Audit programme development 5 Audit planning and risk assessment 2. Audit approach 6 Gathering evidence Audit
More informationDate: 30 th May 2013. Agenda Item: 5.5. Ian Mackenzie Director of Information and Estates REPORT AUTHOR:
TRUST BOARD IN PUBLIC Date: 30 th May 2013 Agenda Item: 5.5 REPORT TITLE: Information Governance Annual Report EXECUTIVE SPONSOR: Ian Mackenzie Director of Information and Estates REPORT AUTHOR: Sarah
More informationInformation Governance Framework and Strategy. November 2014
November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date
More informationInformation Governance Toolkit Report 2013/14
TAUNTON AND SOMERSET NHS FOUNDATION TRUST Information Governance Toolkit Report 2013/14 Report to: Trust Board on: 28 May 2014 Purpose of the Report: This report is presented to the Trust Board for information
More informationtechnical factsheet 176
technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection
More informationData Protection and Information Security Policy and Procedure
Data Protection and Information Security Policy and Procedure Document Detail Category: Data Protection Authorised By: Full Governing Body Author: School Business Manager Version: 1 Status: Approved May
More informationINFORMATION GOVERNANCE STAFF HANDBOOK
INFORMATION GOVERNANCE STAFF HANDBOOK Contents Why do YOU need to know about Information Governance (IG)?... 2 Keeping Information Safe... 2 Confidentiality... 2 Deciding to Communicate Important Information...
More informationInformation Governance Policy
Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath
More informationInformation Governance Policy
BEXLEY CARE TRUST MANAGEMENT MANUAL Title: INFORMATION GOVERNANCE POLICY Originating Department: IT DEPARTMENT Authorised by: Risk Management Committee June 2008 Reference no: CA12 Date of Issue: JANUARY
More informationInformation Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.
Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments
More informationNHS Commissioning Board: Information governance policy
NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:
More informationBEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE
GUIDANCE 1 TITLE: INFORMATION GOVERNANCE FRAMEWORK 2 POLICY AREA: INFORMATION GOVERNANCE 3 ACCOUNTABLE DIRECTOR FOR POLICY AREA: DIRECTOR OF QUALITY AND GOVERNANCE 4 GUIDANCE DRAFTED BY: INTEGRATED GOVERNANCE
More informationThe potential legal consequences of a personal data breach
The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.
More informationInformation Governance Toolkit Assessment 2009/10
Information Governance Toolkit Assessment 2009/10 Document Reference: Version: Ratified by: Date ratified: Name of originator/author: Name of responsible committee/individual: Document owner: Document
More informationNHS Information Governance: 2010/11 UPDATE
NHS Information Governance: 2010/11 UPDATE JANUARY 2011 Contents Outline of the Changes Quick reference to additional evidence requirements Guide to using the online Toolkit Frequently asked questions
More informationInformation Governance Strategy Includes Information risk & incident management methodology
Version 2.0 LOGOLOGO Information Governance Strategy Includes Information risk & incident management methodology Approved by: Quality & Governance Committee Ratification date: May 2014 Review date: May
More informationCloud Software Services for Schools
Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Supplier name Address Contact name Contact email Contact telephone Parent Teacher Online
More informationBarnet Partnership Information Sharing Protocol
Barnet Partnership Information Sharing Protocol Information Sharing Protocol V1_0C - FINAL Page 1 of 52 Version 1.0 (FINAL) Contents 1 Background... 4 1.1 The need to share information... 4 2 Scope...
More informationInformation Governance Strategy 2015/16
Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal
More informationNottinghamshire County Council. Data protection audit report
Nottinghamshire County Council Data protection audit report Executive summary October 2015 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data
More informationLauren Hamill, Information Governance Officer. Version Release Author/Reviewer Date Changes (Please identify page no.) 1.0 L.
Document No: IG10d Version: 1.1 Name of Procedure: Third Party Due Diligence Assessment Author: Release Date: Review Date: Lauren Hamill, Information Governance Officer Version Control Version Release
More informationNHS Waltham Forest Clinical Commissioning Group Information Governance Policy
NHS Waltham Forest Clinical Commissioning Group Information Governance Policy Author: Zeb Alam & David Pearce Version 3.0 Amendments to Version 2.1 Updates made in line with National Guidance and Legislation
More informationINFORMATION GOVERNANCE HANDBOOK
INFORMATION GOVERNANCE HANDBOOK SECTION ONE Author Tracey Burrows Role Information Governance Manager (CSCSU) Date / Version February 2015 Version FINAL V1.0 Approved by IM&T Board Date 27 February 2015
More informationINFORMATION GOVERNANCE STRATEGY NO.CG02
INFORMATION GOVERNANCE STRATEGY NO.CG02 Applies to: All NHS LA employees, Non-Executive Directors, secondees and consultants, and/or any other parties who will carry out duties on behalf of the NHS LA.
More informationInformation Governance Policy
Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact
More informationInformation Governance
CONTROLLED Information Governance Caldicot Version-Workbok Non Caldicott Version - Workbook Version 12 January 2015 40 1 Don t Get Bitten by the Data Demon Notes Using this Workbook The objective of this
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3
More informationInformation Governance Strategy Includes Information risk & incident management methodology
Version 3.0 LOGOLOGO Information Governance Strategy Includes Information risk & incident management methodology Approved by: Quality Assurance Group Ratification date: March 2015 Review date: March 2016
More informationINFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK
INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic
More informationSHEFFIELD TEACHING HOSPITALS NHS FOUNDATION TRUST EXECUTIVE SUMMARY REPORT TO THE BOARD OF DIRECTORS MEETING HELD ON 16 MAY 2012
B SHEFFIELD TEACHING HOSPITALS NHS FOUNDATION TRUST EXECUTIVE SUMMARY REPORT TO THE BOARD OF DIRECTORS MEETING HELD ON 16 MAY 2012 Subject Supporting TEG Member Lead Author Status 1 Healthcare Governance
More informationINFORMATION GOVERNANCE POLICY
ENFIELD CLINICAL COMMISSIONING GROUP INFORMATION GOVERNANCE POLICY PLEASE DESTROY ALL PREVIOUS VERSIONS OF THIS DOCUMENT Enfield CCG Information Governance Policy Information Governance Policy (Policy
More informationInformation Governance
Attach 8 Information Governance CCG Accredited Safe Haven Application Information Governance CCG Accredited Safe Haven Application 1 1. Introduction 1.1. From the 1st April 2013 new information governance
More informationInformation Governance Policy
Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting
More informationDATA PROTECTION POLICY
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
More informationInformation Governance and Risk Stratification: Advice and Options for CCGs and GPs
Information Governance and Risk Stratification: Advice and Options for CCGs and GPs 1 NHS England INFORMATION READER BOX Directorate Medical Operations Patients and Information Nursing Policy Commissioning
More informationINFORMATION GOVERNANCE STRATEGY
INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying
More informationSHIP Guiding Principles and Best Practices
A document of the SHIP Information Governance Working Group The objectives of this document This document is a statement of agreed guiding principles for governance and instances of best practice arising
More informationCORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH
CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH These notes are designed to be used in conjunction with the core training PowerPoint slides. The purpose of the
More informationPolicy: IG01. Information Governance Incident Reporting Policy. n/a. Date ratified: 16 th April 2014
Policy: IG01 Information Governance Incident Reporting Policy Version: IG01/01 Ratified by: Trust Management Team Date ratified: 16 th April 2014 Title of Author: Head of Governance Title of responsible
More informationInformation Management Policy CCG Policy Reference: IG 2 v4.1
Information Management Policy CCG Policy Reference: IG 2 v4.1 Document Title: Policy Information Management Document Status: Final Page 1 of 15 Issue date: Nov-2015 Review date: Nov-2016 Document control
More informationCODE OF CONDUCT: BETTING AND RELATED ACTIVITY
CODE OF CONDUCT: BETTING AND RELATED ACTIVITY 1 INTRODUCTION 1.1 Every person who is subject to the Operational Rules is subject to this Code of Conduct on Betting and Related Activity (the Betting Code
More informationCombar/CLLS Guidance note on the Agreement for the Supply of Services by a Barrister in a Commercial Case
Combar/CLLS Guidance note on the Agreement for the Supply of Services by a Barrister in a Commercial Case Introduction... 2 Background... 2 Entering into an agreement incorporating the Terms... 3 The Services...
More informationInformation Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs
Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper
More informationInformation Governance
Information Governance What you will learn in this session? 1. Principles of Information Governance and their application to health and social care organisations 2. Accessing Information Governance resources
More informationDATA AND PAYMENT SECURITY PART 1
STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval
More informationData Protection and Information Security. Procedure for reporting a breach of data security. April 2013
Data Protection and Information Security Procedure for reporting a breach of data security April 2013 Page 1 of 6 Created on: 01/04/2009 Contents 1 Introduction... 3 2 Data Classification... 3 3 What Is
More informationUniversity of Limerick Data Protection Compliance Regulations June 2015
University of Limerick Data Protection Compliance Regulations June 2015 1. Purpose of Data Protection Compliance Regulations 1.1 The purpose of these Compliance Regulations is to assist University of Limerick
More informationInformation Governance Policy
Information Governance Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from August 2009 Date last amended August 2009
More informationInformation Governance Policy
Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version
More informationINFORMATION GOVERNANCE POLICY
Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):
More informationINFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK
INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire
More informationMONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY
MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY Page 1 of 16 Contents Policy Information 3 Introduction 4 Responsibilities 7 Confidentiality 9 Data recording and storage 11 Subject Access 12 Transparency
More informationINFORMATION GOVERNANCE REVIEW EVIDENCE GATHERING: COMMISSIONING
INFORMATION GOVERNANCE REVIEW EVIDENCE GATHERING: COMMISSIONING Introduction In producing these questions, the Information Governance Review Panel has reviewed the legal and statutory basis for the processing
More informationINFORMATION GOVERNANCE AND DATA PROTECTION POLICY
INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy
More informationHuman Resources Policy documents. Data Protection Policy
Policy documents Aims of the Policy apetito is committed to meeting its obligations under data protection law. As a business, apetito handles a range of Personal Data relating to its customers, staff and
More informationInformation Governance in Dental Practices. Summary of findings from ICO reviews. September 2015
Information Governance in Dental Practices Summary of findings from ICO reviews September 2015 Executive summary The Information Commissioner s Office (ICO) is the regulator responsible for ensuring that
More informationRenfrewshire Council. Data protection audit report. Executive summary January 2013
Renfrewshire Council Data protection audit report Executive summary January 2013 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data Protection
More informationNHS Waltham Forest Clinical Commissioning Group Information Governance Strategy
NHS Waltham Forest Clinical Commissioning Group Governance Strategy Author: Zeb Alam, CCG IG Lead, (NELCSU) David Pearce, Head of Governance, WFCCG Version 3.0 Amendments to Version 2.1 Annual Review Reference
More informationInformation Governance Policy
Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route
More informationEveryone in the workplace has a legal duty to protect the privacy of information about individuals. AEP/BELB/LJ/2010 Awareness Session
Everyone in the workplace has a legal duty to protect the privacy of information about individuals AEP/BELB/LJ/2010 Awareness Session During 2007 alone, 36,989,300 people in the UK have had their private
More informationCloud Software Services for Schools
Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Please insert supplier details below Supplier name Address Isuz Ltd. trading as Schoolcomms
More informationLeading the CWHH Clinical Commissioning Groups
Chief Officer s Report June 2013 Purpose This paper provides a summary of the key areas of business as led by the Chief Officer for this and the other three Clinical Commissioning Groups (CCGs) in the
More informationInformation Incident Management and Reporting Procedures
` Information Incident Management and Reporting Procedures Compliance with all CCG policies, procedures, protocols, guidelines, guidance and standards is a condition of employment. Breach of policy may
More informationHacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows
Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows 24 February 2015 Callum Sinclair Faith Jayne Agenda Top 10 legal need-to-knows, including: What is cyber
More informationNOT PROTECTIVELY MARKED
PEOPLE AND ORGANISATIONAL DEVELOPMENT HUMAN RESOURCES DISCIPLINARY POLICY AND PROCEDURE Author/Role Fiona Munro, Human Resources Date of Risk Assessment (if applicable) N/A Date of Equality Impact Assessment
More informationThe EDGE 2014 User Conference Information Governance Workshop
The EDGE 2014 User Conference Information Governance Workshop Monday 17 th March 2014 Debbie Terry Agenda What is Information Governance? New developments in legislation Your questions answered Caldicott
More information