NHS Business Services Authority Information Governance Policy

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "NHS Business Services Authority Information Governance Policy"

Transcription

1 NHS Business Services Authority Information Governance Policy NHS Business Services Authority Corporate Secretariat NHSBSAIGM002

2 Issue Sheet Document reference NHSBSAIGM002 Document location F:\CEO\IGM\Info Gov Mgt\BSA Title NHS Business Services Authority Information Governance Policy Author Gordon Wanless Issued to All NHSBSA staff Why issued For information / action Last Reviewed 3 November 2010 Revision Details Version Date Amended by Approved by Details of amendments Initial Release IGSG The third last bullet point in to include reference to EIR and PSI. Amend affordable in the last bullet point in to be cost-effective. The fourth bullet point in to include reference to EIR and PSI. Add within cost and resource restraints at the end of the third bullet point in Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 2 of 13

3 Contents Page 1 Introduction 4 2 Policy Statement 5 3 Principles 5 4 Scope of this Policy 7 5 Policy 8 6 Information Governance Responsibilities 9 7 Validity of this Policy 10 Appendix A 11 IGMS Graphical Representation 12 IG Documentation & Materials Overview 13 Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 3 of 13

4 1 Introduction 1.1 The information held by the NHS Business Services Authority (NHSBSA) represents one of our most valuable assets. Without that information the NHSBSA could not operate. It is therefore essential that all information and information systems at the NHSBSA's sites are protected against the many threats which may affect confidentiality and overall service provision. Such threats can range from accidental damage to deliberate disclosure of sensitive information. 1.2 Information security is the responsibility of every member of staff in the NHSBSA. The information systems currently in use employ technical processes to help in maintaining the confidentiality, integrity and availability of the information they hold. However these security measures can be weakened through careless actions such as writing down or sharing a password. 1.3 The scope of this Information Governance (IG) Policy is to support the protection, control and management of NHSBSA s information assets. The policy is concerned with all information systems, electronic and non-electronic, and will apply to all divisions, sites and departments in the NHSBSA, to all NHSBSA staff and as appropriate to its contractors and third party service providers. It will cover all information within the NHSBSA, which could include data and information that is: Stored on computers Transmitted across internal and public networks such as or Intranet/Internet Stored within databases Printed or hand written on paper, white boards etc. Sent by facsimile (fax), telex or other communications method Stored on removable media such as CD-ROMs, hard disks, tapes and other similar media Stored on fixed media such as hard disks and sub-systems Held on film or microfiche Presented on slides, overhead projectors, using visual and audio media Spoken during telephone calls and meetings or conveyed by any other method Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 4 of 13

5 1.4 The NHSBSA is committed to properly protecting the information that it holds. This policy and associated practices and procedures have been agreed by the NHSBSA Leadership Team and Senior Management of the Authority. 2. Policy Statement 2.1 This document defines the IG Policy for the NHSBSA. 2.2 The IG Policy applies to all information obtained and processed by the NHSBSA and the NHSBSA s employees. 2.3 This document: Sets out the NHSBSA s policy for the protection of all information obtained and processed Establishes the responsibilities for IG 3 Principles 3.1 There are four key, interlinked, strands to this policy: Openness Legal Compliance Information Security Quality Assurance Openness The NHSBSA recognises the need for an appropriate balance between openness and confidentiality in the management and use of information Information will be defined and where appropriate kept confidential, underpinning the principles of Caldicott and the regulations outlined in the Data Protection Act 1998 (DPA). Non-confidential information about the NHSBSA and services will be available to the public through a variety of means, one of which will be the provisions of the Freedom of Information Act 2000 (FOIA) There will be clear procedures and arrangements for handling queries from members of the public The NHSBSA will have clear procedures and arrangements for liaison with the press and broadcasting media Integrity of information will be developed, monitored and maintained to ensure that it is appropriate for the purposes intended Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 5 of 13

6 Availability of information for operational purposes will be maintained within set parameters relating to its importance via appropriate procedures and computer system resilience The NHSBSA regards all identifiable personal information relating to members of the public as confidential, compliance with legal and regulatory framework will be achieved, monitored and maintained The NHSBSA regards all identifiable personal information relating to staff as confidential except where national policy on accountability and openness requires otherwise The NHSBSA will establish and maintain policies and procedures to ensure compliance with the DPA, Human Rights Act 1998 (HRA), the common law duty of confidentiality, Environmental Information regulations 2004 (EIR), the Re-use of Public Sector Information regulations 2005 (PSI) and the FOIA Awareness and understanding of all staff, with regard to their responsibilities, will be routinely assessed, recorded and appropriate training and awareness provided Risk assessment, in conjunction with overall priority planning of NHSBSA activity will be undertaken to determine appropriate, cost-effective IG controls are in place Legal Compliance The NHSBSA regards all identifiable personal information relating to members of the public as confidential The NHSBSA will undertake or commission annual assessments and audits of its compliance against legal requirements The NHSBSA regards all identifiable personal information relating to staff as confidential except where national policy on accountability and openness requires otherwise The NHSBSA will establish and maintain policies and procedures to ensure compliance with the DPA, HRA, the common law duty of confidentiality, EIR, PSI and the FOIA The NHSBSA will establish and maintain policies for the controlled and appropriate sharing of patient identifiable information with other agencies, taking account of relevant legislation (e.g. Health and Social Care Act, Crime and Disorder Act, Protection of Children Act) Information Security The NHSBSA will establish and maintain policies for the effective and secure management of its information assets and resources Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 6 of 13

7 Audits will be undertaken or commissioned to assess information and IT security arrangements The NHSBSA s Incident Reporting system will be used to report, monitor and investigate all breaches of confidentiality and security Information Quality Assurance The NHSBSA will establish and maintain policies for information quality assurance and the effective management of records Audits will be undertaken or commissioned of the NHSBSA s quality of data and records management arrangements Managers will be expected to take ownership of, and seek to improve, the quality of data within their services within cost and resource restraints Wherever possible, information quality will be assured at the point of collection The NHSBSA will promote data quality through policies, procedures/user manual and training 3.2 This policy and any associated procedures will be reviewed periodically by the NHSBSA Leadership Team. Where review is necessary due to legislative change this will happen immediately. 3.3 In accordance with the Authority's Equal Opportunities policy, this policy will not discriminate, either directly or indirectly, on the grounds of gender, race, colour, ethnic or national origin, sexual orientation, marital status, religion or belief, age, union membership, disability, offending background or any other personal characteristic. 4 Scope of this Policy 4.1 This policy covers all forms of information held by the NHSBSA, including (but not limited to): Information about members of the public Non NHSBSA employees on NHSBSA premises Staff and Personnel information Organisational, business and operational information Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 7 of 13

8 4.2 This policy applies to all aspects of information handling, including (but not limited to): Structured record systems - paper and electronic Information recording and processing systems whether paper, electronic, video or audio records Information transmission systems, such as fax, , portable media, post and telephone 4.3 This policy covers all information systems purchased, developed and managed by / or on behalf of, the NHSBSA and any individual directly employed or otherwise by the NHSBSA. 5 Policy 5.1 IG is the function of Corporate Governance that ensures the Confidentiality, Integrity and Availability of the NHSBSA s information assets. It is concerned with the facilitation of delivering accurate contextual information to those who require it for a recognised purpose, whether they be manager, administrator, supporting staff, service user or a member of the public, whilst complying with the legal and regulatory framework. 5.2 An Information Governance Management System (IGMS), including associated policies, procedures, protocols and guidelines and the ongoing monitoring thereof, ensures that the risks to such information assets are identified, assessed and adequately controlled in compliance with: The current legislative framework Applicable NHS codes of practice and regulations Recognised best practice for information handling and information security Information Governance Toolkit requirements 5.3 Developing an overall IGMS will include: The definition of an IG Policy and Strategy The identification (audit) of all existing information assets and the documentation thereof in a suitable Information Asset Register Completion of a formal Risk Assessment, identify threats and vulnerabilities to assets and systems and the potential associated impacts on delivery that each risk eventually would cause Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 8 of 13

9 Assessment, costing, selection and implementation of appropriate controls, and the developing of procedure and process-related documentation Production of a Statement of Applicability (SOA) and the final combining of documentation to allow, if desired, formal accreditation to the adopted standard of Information Security (ISO/IEC 27001:2005 (formerly BS :2002)) The ongoing monitoring of the effects of the IGMS and SOA and the review of controls accordingly Management of the IG Toolkit 6 Information Governance Responsibilities 6.1 It is the role of the NHSBSA Leadership Team to define the NHSBSA s policy in respect of IG, taking into account legal and NHS requirements. The NHSBSA Leadership Team is also responsible for ensuring that sufficient resources are provided to support the requirements of the policy. 6.2 The NHSBSA Leadership Team members, whilst retaining their legal responsibilities, have delegated IG compliance to the NHSBSA Information Governance and Security Group (IGSG). 6.3 The IGSG is responsible for overseeing day to day IG issues; developing and maintaining policies, standards, procedures and guidance, coordinating IG in the NHSBSA and raising awareness of IG. 6.4 Managers within the NHSBSA are responsible for ensuring that this policy and its supporting standards and guidelines are built into local processes and that there is on-going compliance. 6.5 All staff, whether permanent, temporary or contracted, and contractors are responsible for ensuring that they are aware of the requirements incumbent upon them and for ensuring that they comply with these on a day to day basis. 7 Validity of this Policy 7.1 This policy is designed to avoid discrimination and be in accordance with the HRA and its underlying principles. 7.2 This policy should be reviewed annually under the authority of the NHSBSA Leadership Team members. Associated IG Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 9 of 13

10 standards should be subject to an ongoing development and review programme. Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 10 of 13

11 Appendix A IGMS Graphical Representation IG Documentation & Materials Overview Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 11 of 13

12 Information Governance Management System Information Governance Management System Data Protection Freedom of Inform ation Inform ation Security Business Continuity Records Management Inform ation Governance Policy Procedure Policy Procedure Policy Procedure Policy Policy Records Register Policy Strategy Procedure Subject Access Requests Requests for Inform ation Disclaimer Inform ation Governance Confidentiality Code of Practice Internal Review Incident Reporting Acceptable Use (inc. M onitoring) Policy Asset Register

13 Information Governance Documentation & Materials Overview Policy Information Governance Management System (Consists of policies on Data Protection, Freedom of Information, Acceptable Use, Information Security, Business Continuity, Records Management & Information Governance) The IG management system sets high level direction and required standards across the Authority. This is supported where necessary by procedures and specific guidance documents, where the required controls are explained in detail. Procedure & Guidance Data Protection Procedure Freedom of Information Procedure Guidance Document Internet Guidance Document Records Register Responsibilities and key awareness messages for all staff are contained in the IGMS and guidance documents, but also in two key documents that have been written specifically to be accessible to all staff as detailed below: Awareness All Staff Confidentiality Code of Practice Summary Leaflet Acceptable Use Staff Agreement In addition to the Code of Practice leaflet and the Acceptable Use Staff Agreement, a reference pack of guidance will be available online. Reference Available to all Information handling reference pack Includes awareness materials for staff and public, guidance on providing access to patient type records (patients, relatives, children, deceased & solicitors). Information sharing documentation (Police, research, children). Freedom of Information process documentation. Communication guidance (fax, phone etc.) This pack will be updated regularly Computer based materials Screen saver, Acceptable use challenge, DP/FOI/IS Awareness Training. Meeting\NHSBSAIGM002 - NHSBSA Information Governance Policy.doc Page 13 of 13

Information governance policy

Information governance policy Information governance policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSAIGM002a S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review IG Policy\Current

More information

CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY. December 2014

CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY. December 2014 CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY December 2014 DOCUMENT INFORMATION Author: Barbara Sansom Information Governance Manager Equality Impact Assessment Consultation & Approval

More information

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY Moorland is committed to ensuring that, as far as it is reasonably practicable, the way we provide services to the public and the way we treat

More information

Information Governance Policy. Church Road Medical Practice

Information Governance Policy. Church Road Medical Practice Information Governance Policy Church Road Medical Practice Version No: 1.0 Issue Date: March 2015 INFORMATION GOVERNANCE POLICY 1. Summary Information is a vital asset, both in terms of the clinical management

More information

NHS Business Services Authority Information Security Policy

NHS Business Services Authority Information Security Policy NHS Business Services Authority Information Security Policy NHS Business Services Authority Corporate Secretariat NHSBSAIS001 Issue Sheet Document reference NHSBSARM001 Document location F:\CEO\IGM\IS\BSA

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):

More information

Information Governance Policy

Information Governance Policy Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring

More information

Gloucestershire Hospitals

Gloucestershire Hospitals Gloucestershire Hospitals NHS Foundation Trust TRUST POLICY In the case of hard copies of this policy the content can only be assured to be accurate on the date of issue marked on the document. The Policy

More information

Information Governance Policy

Information Governance Policy BEXLEY CARE TRUST MANAGEMENT MANUAL Title: INFORMATION GOVERNANCE POLICY Originating Department: IT DEPARTMENT Authorised by: Risk Management Committee June 2008 Reference no: CA12 Date of Issue: JANUARY

More information

Information security policy

Information security policy Information security policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSARM001 S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review of IS Policy\Current

More information

SALISBURY NHS FOUNDATIONTRUST

SALISBURY NHS FOUNDATIONTRUST SALISBURY NHS FOUNDATIONTRUST PAPER SHC 1738 TITLE Information Governance Policy PURPOSE OF PAPER The Information Governance Policy was first approved in April 2005. It is currently due for review to ensure

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY NWAS Information Governance Policy Page: Page 1 of 10 Date of Issue: January 2014 Date of Review February 2015 Recommended by Approved by Information Governance Management

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from August 2009 Date last amended August 2009

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended

More information

INFORMATION GOVERNANCE STRATEGY

INFORMATION GOVERNANCE STRATEGY INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying

More information

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy. Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review

More information

Information Governance Policy

Information Governance Policy Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY

More information

Surrey & Sussex Healthcare NHS Trust

Surrey & Sussex Healthcare NHS Trust Surrey & Sussex Healthcare NHS Trust An Organisation-wide Policy for Information Governance (IG) Version 1.3 Status Ratified Date Ratified March 2008 Name of Owner Name of Sponsor Group Name of Ratifying

More information

Information Governance Policy (incorporating IM&T Security)

Information Governance Policy (incorporating IM&T Security) (incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

Business continuity management policy

Business continuity management policy Business continuity management policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSADPN001b S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review

More information

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic

More information

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of

More information

Information Governance Strategy 2015/16

Information Governance Strategy 2015/16 Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath

More information

NHS Commissioning Board: Information governance policy

NHS Commissioning Board: Information governance policy NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION

More information

Policy Document Control Page

Policy Document Control Page Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):

More information

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting

More information

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing

More information

Information Governance Policy

Information Governance Policy Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading

More information

Information Governance Policy

Information Governance Policy Policy Policy Number / Version: v2.0 Ratified by: Audit Committee Date ratified: 25 th February 2015 Review date: 24 th February 2016 Name of originator/author: Name of responsible committee/individual:

More information

INFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT

INFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT INFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT Prepared By: Alistair Stewart Responsible Person: Endorsed by: Information Governance Committee Date: May 2008 Review: June 2009 Issue Number Draft

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date

More information

Information Security Policy

Information Security Policy Information Security Policy JUNE 2014 Author Responsibility Lynda Harris, Head of Information Governance, Central Eastern CSU, Bedfordshire and Luton All staff Effective Date June 2014 Review Date June

More information

Information Governance Strategy. Version No 2.0

Information Governance Strategy. Version No 2.0 Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent

More information

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE. Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5

More information

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2. Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments

More information

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Final No impact Document Ratified/Approved By Hartlepool

More information

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid. Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,

More information

Caedmon College Whitby

Caedmon College Whitby Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY POLICY NO IM&T 011 DATE RATIFIED January 2012 NEXT REVIEW DATE January 2015 POLICY STATEMENT/KEY OBJECTIVE: To provide an overarching framework through which Information Governance

More information

IS INFORMATION SECURITY POLICY

IS INFORMATION SECURITY POLICY IS INFORMATION SECURITY POLICY Version: Version 1.0 Ratified by: Trust Executive Committee Approved by responsible committee(s) IS Business Continuity and Security Group Name/title of originator/policy

More information

Information Governance Strategy & Policy

Information Governance Strategy & Policy Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information

More information

Trust Informatics Policy. Information Governance. Information Governance Policy

Trust Informatics Policy. Information Governance. Information Governance Policy Trust Informatics Policy Information Governance Policy Reference: TIP/IG/IGP I:\IG\IGM\IGT\March 2011\Document Library\Policies\Approved/ - 1 Document Control Policy Title Author/Contact Document Reference

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version: 3.2 Authorisation Committee: Date of Authorisation: May 2014 Ratification Committee Level 1 documents): Date of Ratification Level 1 documents): Signature of ratifying

More information

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper

More information

INFORMATION GOVERNANCE STRATEGY NO.CG02

INFORMATION GOVERNANCE STRATEGY NO.CG02 INFORMATION GOVERNANCE STRATEGY NO.CG02 Applies to: All NHS LA employees, Non-Executive Directors, secondees and consultants, and/or any other parties who will carry out duties on behalf of the NHS LA.

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

JOB DESCRIPTION. Information Governance Manager

JOB DESCRIPTION. Information Governance Manager JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure

More information

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South

More information

Information Governance Plan

Information Governance Plan Information Governance Plan 2013 2015 1. Overview 1.1 Information is a vital asset, both in terms of the clinical management of individual patients and the efficient organisation of services and resources.

More information

USE OF PERSONAL MOBILE DEVICES POLICY

USE OF PERSONAL MOBILE DEVICES POLICY Policies and Procedures USE OF PERSONAL MOBILE DEVICES POLICY Date Approved by Information Strategy Group Version Issue Date Review Date Executive Lead Information Asset Owner Author 15.04.2014 1.0 01/08/2014

More information

Information Governance Strategy. Version No 2.1

Information Governance Strategy. Version No 2.1 Livewell Southwest Information Governance Strategy Version No 2.1 Notice to staff using a paper copy of this guidance. The policies and procedures page of LSW Intranet holds the most recent version of

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:

More information

INFORMATION GOVERNANCE INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE INFORMATION GOVERNANCE POLICY Appendix 1 INFORMATION GOVERNANCE INFORMATION GOVERNANCE POLICY Author Information Governance Review Group Information Governance Committee Review Date May 2014 Last Update February 2013 Document No. GV

More information

Information Governance

Information Governance Information Governance Information for Patients Information Governance (IG) Contents: Identifying the IG Lead for the Practice. This identifies the main people responsible for Information Governance Policy.

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact

More information

NETWORK SECURITY POLICY

NETWORK SECURITY POLICY NETWORK SECURITY POLICY Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Page 1 of 12 Review and Amendment Log/Control Sheet Responsible Officer:

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups

More information

INFORMATION GOVERNANCE

INFORMATION GOVERNANCE This document is uncontrolled once printed. Please refer to the Trusts Intranet site (Procedural Documents) for the most up to date version INFORMATION GOVERNANCE NGH-PO-233 Ratified By: Procedural Document

More information

Data Subject Access Request Procedure

Data Subject Access Request Procedure Data Subject Access Request Procedure Policy ID IG07 Version: 2.0 Ratified by: Executive Committee Name of originator/author: Justin Dix, Governing Body Secretary Name of responsible committee/individual:

More information

NETWORK SECURITY POLICY

NETWORK SECURITY POLICY NETWORK SECURITY POLICY Policy approved by: Governance and Corporate Affairs Committee Date: December 2014 Next Review Date: August 2016 Version: 0.2 Page 1 of 14 Review and Amendment Log / Control Sheet

More information

Safe Haven Policy. Equality & Diversity Statement:

Safe Haven Policy. Equality & Diversity Statement: Title: Safe Haven Policy Reference No: 010/IT Owner: Deputy Chief Officer Author Information Governance Lead First Issued On: November 2012 Latest Issue Date: March 2015 Operational Date: March 2015 Review

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Policy Details Produced by Assistant Principal Information Systems Date produced Approved by Senior Leadership Team (SLT) Date approved July 2011 Linked Policies and Freedom of Information

More information

NHS FORTH VALLEY Information Governance Remote Working Guidance

NHS FORTH VALLEY Information Governance Remote Working Guidance NHS FORTH VALLEY Information Governance Remote Working Guidance Date of First Issue 09 / 12 / 2011 Approved 12 / 09 / 2013 Current Issue Date 12 / 09 / 2013 Review Date 01 / 12 / 2015 Version V 3.2 EQIA

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route

More information

Information Sharing Policy

Information Sharing Policy Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed

More information

North East Ambulance Service NHS Foundation Trust. Job Description

North East Ambulance Service NHS Foundation Trust. Job Description North East Ambulance Service NHS Foundation Trust Job Description Job Title Patient Experience Clerk A4C Band 3 Accountability Complaints Manager Directorate Clinical Care and Patient Safety Date September

More information

Subject Access Request (SAR) Procedure

Subject Access Request (SAR) Procedure Subject Access Request (SAR) Procedure East and North Hertfordshire Clinical Commissioning Group Page 1 of 16 DOCUMENT CONTROL SHEET Document Owner: Chief Finance Officer Document Author(s): Anne Ephgrave

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching

More information

BEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE

BEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE GUIDANCE 1 TITLE: INFORMATION GOVERNANCE FRAMEWORK 2 POLICY AREA: INFORMATION GOVERNANCE 3 ACCOUNTABLE DIRECTOR FOR POLICY AREA: DIRECTOR OF QUALITY AND GOVERNANCE 4 GUIDANCE DRAFTED BY: INTEGRATED GOVERNANCE

More information

Procedures. Issue Date: June 2014 Version Number: 2.0. Document Number: POL_1009. Status: Approved Next Review Date: April 2017 Page 1 of 17

Procedures. Issue Date: June 2014 Version Number: 2.0. Document Number: POL_1009. Status: Approved Next Review Date: April 2017 Page 1 of 17 Proforma: Information Policy Security & Corporate Policy Procedures Status: Approved Next Review Date: April 2017 Page 1 of 17 Issue Date: June 2014 Prepared by: Information Governance Senior Manager Status:

More information

INFORMATION GOVERNANCE POLICY & FRAMEWORK

INFORMATION GOVERNANCE POLICY & FRAMEWORK INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger

More information

Information Management Policy CCG Policy Reference: IG 2 v4.1

Information Management Policy CCG Policy Reference: IG 2 v4.1 Information Management Policy CCG Policy Reference: IG 2 v4.1 Document Title: Policy Information Management Document Status: Final Page 1 of 15 Issue date: Nov-2015 Review date: Nov-2016 Document control

More information

Network Security Policy

Network Security Policy Department / Service: IM&T Originator: Ian McGregor Deputy Director of ICT Accountable Director: Jonathan Rex Interim Director of ICT Approved by: County and Organisation IG Steering Groups and their relevant

More information

Information Governance Framework and Strategy. November 2014

Information Governance Framework and Strategy. November 2014 November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date

More information

NHS Business Services Authority Records Management Audit Framework

NHS Business Services Authority Records Management Audit Framework NHS Business Services Authority Records Management Audit Framework NHS Business Services Authority Corporate Secretariat NHSBSARM019 Issue Sheet Document Reference Document Location Title Author Issued

More information

Remote Working and Portable Devices Policy

Remote Working and Portable Devices Policy Remote Working and Portable Devices Policy Policy ID IG04 Version: V1 Date ratified by Governing Body 29/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review

More information

JOB DESCRIPTION. Corporate Governance Manager. 45 hours per week. Director of Compliance & Governance. London with national responsibilities

JOB DESCRIPTION. Corporate Governance Manager. 45 hours per week. Director of Compliance & Governance. London with national responsibilities JOB DESCRIPTION POST: SALARY: HOURS: REPORTS TO: LOCATION: Corporate Governance Manager 40,000 per annum 45 hours per week Director of Compliance & Governance London with national responsibilities JOB

More information

INFORMATION SECURITY & DATA PROTECTION POLICY. Documentation Control

INFORMATION SECURITY & DATA PROTECTION POLICY. Documentation Control INFORMATION SECURITY & DATA PROTECTION POLICY Documentation Control Reference Date Approved Approving Body GG/INF/002 TRUST BOARD Implementation Date JUNE 2010 Supersedes Consultation Date of Completion

More information

Records management audit framework

Records management audit framework Records management audit framework Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSARM019 S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review RM

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY Version 8.0 Purpose: For use by: This document is compliant with /supports compliance with: To outline the lifecycle of a record and to provide guidance on retention and disposal

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval

More information

Rotherham CCG Network Security Policy V2.0

Rotherham CCG Network Security Policy V2.0 Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October

More information

Business Continuity Policy and Business Continuity Management System

Business Continuity Policy and Business Continuity Management System Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain

More information

DATA ENCRYPTION POLICY

DATA ENCRYPTION POLICY DATA ENCRYPTION POLICY Contents 1. Introduction...4 2. Purpose...4 3. Audience...4 4. Responsibilities/Duties...4 4.1 Individual Staff Responsibilities...4 4.2 Accountable Officer...5 4.3 Director of Strategy

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review

More information

POLICY. Responsible Use of Social Media

POLICY. Responsible Use of Social Media POLICY Responsible Use of Social Media Contact Officer Director of Personnel Director of Communications & Participation Senior Project Manager: Corporate Policies (Policy author) Purpose The primary aims

More information

1.3 This policy supports the NHSBSA s values and behaviours, particularly respect for our staff and customers.

1.3 This policy supports the NHSBSA s values and behaviours, particularly respect for our staff and customers. HR policy Equality and Diversity 1. Policy statement 1.1 The NHS Business Services Authority (NHSBSA) values the diverse nature of its customers and workforce, and is committed to equality of opportunity

More information

Courier Policy. 1 P age

Courier Policy. 1 P age Courier Policy UNIQUE REF NUMBER: AC/IG/009/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY VERSION DATE AMENDMENT

More information

POLICY REFERENCE NUMBER Version 1.1. NEXT REVIEW DATE: June 2017 RISK RATING EQUALITY ANALYSIS

POLICY REFERENCE NUMBER Version 1.1. NEXT REVIEW DATE: June 2017 RISK RATING EQUALITY ANALYSIS POLICY Security Classification Disclosable under Freedom of Information Act 2000 Yes POLICY TITLE Information Assurance POLICY REFERENCE NUMBER A022 Version 1.1 POLICY OWNERSHIP DIRECTORATE BUSINESS AREA

More information

INFORMATION SECURITY POLICY

INFORMATION SECURITY POLICY INFORMATION SECURITY POLICY Policy approved by: Audit and Governance Committee Date: 4 th December 2014 Next Review Date: December 2016 Version: 1 Information Security Policy Page 1 of 17 Review and Amendment

More information

Information Security Policy

Information Security Policy Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September

More information