Information Governance Strategy
|
|
- Jordan Armstrong
- 8 years ago
- Views:
Transcription
1 Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version Date Comments (i.e. viewed, or reviewed, amended approved by person or committee) Draft V0.1 September 2007 Approved - IGC Draft V1.1 March 2010 Reviewed by Clinical Quality Manager submitted to IGG for comment 2.0 April 2010 Approved by Integrated Governance Committee Draft 2.1 June 2012 Reviewed by IG Manager V rd February 2015 Review date extension agreed by IGG following approval by EMB Page 1 of 16
2 Document Reference IG Toolkit Information Governance Framework Requirement Directorate: Strategy and Plans Recommended at Date Information Governance Group 23 rd July 2012 Approved at Executive Management Team (pending) Date Review date of approved document Equality Impact Assessment Linked procedural documents Dissemination requirements Checklist completed? Part of Trust s publication scheme 31 st March th July 2012 Information Governance Policy Records Management Policy Information Security Policy Release of Information Policy Internet Use Policy Use Policy Freedom of Information Policy All Trust staff No No The East of England Ambulance Service NHS Trust has made every effort to ensure this policy does not have the effect of discriminating, directly or indirectly, against employees, patients, contractors or visitors on the grounds of age, ethnic origin, gender, transgender, sexual orientation, marital status (including civil partnerships), religion & belief, maternity and pregnancy or disability. This policy will apply to all staff regardless of position or status includes volunteers. All East of England Ambulance Service NHS Trust policies can be provided in alternative formats. Page 2 of 16
3 Contents Paragraph Page 1. Introduction 5 2. Purpose 6 3. Duties Trust Board Chief Executive Senior Information Risk Owner Caldicott Guardian Head of Information Governance Information Governance Manager Other Staff Consultation and Communication with Stakeholders 7 4. Definitions 7 5. Development Prioritisation of Work Identification of Stakeholders Responsibility for Document s Development 8 6. Link to EEAST Information Strategy 8 7. The Importance of Information Governance 8 8. Key Principles of Information Governance Improved Patient Care and Service Delivery Greater Confidence in the Organisation Improved Access and Control of Records Reduction in Adverse Incidents Improved Assurance of Business Continuity Greater Awareness of Public Need Adherence with Government Legislation Improved Quality of Information Better Management of Risk Greater Staff Awareness of Information Governance Greater Awareness of the Security of Information Staff Assigned to Key Roles Taking the Strategy Forward Data Audit and Validation Public Confidence in the Management of Information Records Management 10 Page 3 of 16
4 9.4 Incident Reporting Business Continuity Public Need and Involvement Government Legislation Quality Assurance Information Governance Toolkit Training Registration Authority Staff Responsibility for Information Governance Equality Impact Assessment Dissemination and Implementation Process for Monitoring Compliance and Effectiveness Standards/Key Performance Indicators References Associated Documents 13 Appendices Appendix A Monitoring Table 14 Appendix B Equality Impact Assessment: Executive Summary 16 Page 4 of 16
5 1. Introduction 1.1 What is Information Governance? Information Governance (IG) allows organisations and individuals to ensure that information is handled legally, securely, efficiently and effectively, in order to deliver the best possible care and service. IG provides the framework which enables NHS organisations to comply with legal and statutory requirements, and best practice guidance when dealing with personal and nonpersonal information. This strategy sets out the approach to be taken, within the East of England Ambulance Service NHS Trust (EEAST), to provide the robust IG framework for the future management of information. 1.2 Information Governance Toolkit The Department of Health (DH) and NHS Information Authority set clear standards and national guidance for the handling of information which were representative of DH policy as of June The IG Toolkit is now under the auspices of Connecting for Health and has been developed to enable NHS Organisations to assess themselves with regard to their level of compliance with these national standards. Year on year improvement plans can be developed using this toolkit in order to assist the organisation to ensure compliance is maintained. IG has four fundamental aims and the toolkit has been developed with these in mind: To support the provision of high quality care by promoting the effective and appropriate use of information. To encourage responsible staff to work closely together, preventing duplication of effort and enabling more efficient use of resources. To develop support arrangements and provide staff with appropriate tools and support to enable them to discharge their responsibilities to consistently high standards. To enable organisations to understand their own performance and manage improvement in a systematic and effective way. The IG toolkit focuses on 5 initiatives: Information Governance Management Confidentiality and Data Protection Assurance Information Security Assurance Clinical Information Assurance Corporate Information Assurance 1.3 What does Information Governance encompass? IG provides a consistent way for employees to handle information, and encompasses the following: Data quality assurance Page 5 of 16
6 Caldicott sharing of patient identifiable information Consent to sharing of personal information Information security management Common law duty of confidentiality The Data Protection Act 1998 Records management The Freedom of Information Act 2000 Registration Authority 2. Purpose The Information Governance Strategy is underpinned by two key documents: The Information Governance Policy The action plan derived from the results of the IG toolkit This strategy should be read in conjunction with these two documents. Responsibility for the monitoring of IG is contained within the remit of the Director for Strategy and Business Development, however complying with the requirements of IG is an organisation-wide responsibility. 3. Duties 3.1 Trust Board Ultimate responsibility for information governance in the NHS rests with the Trust Board of each organisation. 3.2 Chief Executive As the accountable officer for the Trust, the Chief Executive is required to provide assurance that all risks to the Trust (including information risks) are effectively identified, managed and mitigated. Details of Serious Untoward Incidents involving data loss or confidentiality breaches must also be detailed in the annual report. 3.3 Senior Information Risk Owner A Board-level Senior Information Risk Owner (SIRO) will be responsible for the Trust s information risk and act as advocate for information risk on the Trust Board. In the Trust the SIRO is the Director of Strategy and Business Development. 3.4 Caldicott Guardian The Caldicott Guardian is responsible for protecting the confidentiality of patient and serviceuser information and enabling appropriate information-sharing. The Caldicott Guardian is responsible for providing advice within the Trust on the lawful and ethical processing of patient information. 3.5 Head of Information Governance Page 6 of 16
7 The Head of Information Governance is responsible for overseeing the information governance systems and processes within the Trust, raising awareness of information governance issues, and ensuring that good information governance practices are adopted. 3.6 Information Governance Manager The Information Governance Manager provides day-to-day operational support to the Head of Information Governance. 3.7 Other Staff Staff with areas of responsibility related to information governance are expected to have input to the Trust s information governance agenda, either by membership of the Information Governance Group, as responsible officers for IG Toolkit requirements, or by ad-hoc input, as required. 3.8 Consultation and Communication with Stakeholders This strategy is reviewed and approved by the Information Governance Group, which includes key information governance stakeholders from corporate and operational areas in the Trust. 4. Definitions 4.1 Information Governance (IG) Information Governance is an umbrella term which encompasses all the ways that the Trust acts to ensure that information remains secure, particularly person-identifiable and sensitive information, such as that relating to patients personal details, medical records, staff records, and Trust business. IG also covers the systems and procedures which allow NHS organisations and individuals to ensure that information is processed legally, securely, efficiently and effectively. Knowledge of information governance is important for any member of staff who is required to handle information as part of their job. 4.2 Information Governance Toolkit (IGT) The Information Governance Toolkit is an online assessment tool which is managed by NHS Connecting for Health. The Toolkit requires NHS organisations to self-assess annually against specific criteria relating to legislative compliance, government and NHS directives, best practice guidelines, and other information handling standards. Connecting for Health review the Toolkit annually, following the final submission of organisations scores at the end of March. 5. Development 5.1 Prioritisation of Work This strategy is required for staff information and reference and to support the Trust s wider Information Governance Framework. Page 7 of 16
8 5.2 Identification of Stakeholders Primary stakeholders are the Director of Strategy and Business Development (as the Trust SIRO), the Head of Information Governance, and members of the Information Governance Group. 5.3 Responsibility for Development of the Document The strategy has been developed by the Information Governance Manager, with review and approval by the Information Governance Group. 6. Link to EEAST Information Strategy The EEAST Information Governance Strategy has been developed to clearly define the way in which information should be dealt with in terms of processing, retention and disclosure. It clearly sets out the actions needed to make the best use of information and to raise the profile of the important role information has to play within the Trust. The Information Governance Strategy and Information Governance Policy are closely linked and should be cross-referenced as the increased use of information must be subject to governance in order to protect the Trust and the communities served. 7. The Importance of Information Governance Information is a valuable asset and should therefore be managed and protected appropriately. The Trust and all its employees, whether they are on permanent, fixed term or temporary contracts, have a legal obligation and a duty of confidence to ensure that any information processed is done so in line with legal requirements and best practice. IG provides the framework to ensure the Trust is managing information in line with these legal obligations and best practice guidance. In turn this will protect all users of its services, its staff and other stakeholders. 8. Key Principles of Information Governance 8.1 Improved Patient Care and Service Delivery EEAST collects an abundance of information from various sources, including emergency calls and non-emergency transport bookings. All of this information, in some way, will affect the care given to the patient. For example, an inaccurate location may result in a delay in response time or arriving late for an outpatient appointment. Poor quality information is not conducive to providing a high level of patient care or high quality service. 8.2 Greater Confidence in the Organisation All information processed by the Trust, both personal and non-personal, should be governed by policy. Guidelines on how this information should be handled, kept secure and maintained Page 8 of 16
9 should be readily available to all staff. Having reliable procedures in place to handle information will instil greater confidence in the users of and the stakeholders in EEAST. 8.3 Improved Access and Control of Records The effective management of records, both electronic and manual, is fundamental in allowing the Trust to meet its obligations under the Freedom of Information Act A Records Management Policy which includes the NHS Retention Schedule has been developed and is available for staff reference. 8.4 Reduction in Adverse Incidents The Management of Incidents Policy is accessible to all staff via the intranet. By highlighting the importance of adhering to this policy and drawing attention to any recurrent issues, the likelihood of similar incidents happening again should reduce as a consequence. 8.5 Improved Assurance of Business Continuity Due to the very nature of the Trust s business, EEAST operates several vital computerised information systems. It is essential that these are maintained at all times in order to continue to provide the service expected by stakeholders and the public. It is therefore crucial that, in the unfortunate event of the Trust business being compromised, assurances are in place that will ensure vital functions can be reinstated and continue with minimal disruption. 8.6 Greater Awareness of Public Need Being a public service, EEAST needs to be aware of the public s perception and views on the Trust. Involvement in discussions and surveys by the public is an integral part of maintaining a service tailored to the users needs. Information also needs to be fed back to the public on the results of measures taken along with other information that may be useful to them. 8.7 Adherence with Government Legislation Compliance with government legislation and national guidance will reduce the risks of complaints and litigation against the Trust. Trust contracts will reflect the need to comply with confidentiality legislation, e.g.: Data Protection Act 1998 Freedom of Information Act 2000 Caldicott Principles Confidentiality: NHS Code of Practice 2003 Records Management NHS Code of Practice (2009) Information Quality Assurance (Data Accreditation) Computer Misuse Act 1990 Human Rights Act 1998 Access to Health Records Act 1990 Electronic Communications Act Improved Quality of Information Information is a crucial element in decision-making. Without it judgements would be made on assumptions and guess-work. It is, therefore, essential that decisions made, and subsequent Page 9 of 16
10 reports, are based on the highest quality information. This will reduce the risk of wasted effort and resources in correcting errors. 8.9 Better Management of Risk Assessing compliance to standards enables the Trust to proactively identify and assess risks associated with not adopting the IG model. Preventative or corrective measures can then be taken to minimise the risk Greater Staff Awareness of Information Governance The training and development of staff, in IG requirements, will ensure they act accordingly. This will not only protect EEAST, but also the individual. This training should be embraced by the whole Trust and staff should be encouraged to participate Greater Awareness of the Security of Information Procedures will be in place to ensure that access is granted to information systems on a need to know basis. Security measures will also be present to prevent unauthorised access to systems from both internal and external routes e.g. malicious software. These will be backed up by policy and supported by Senior Management. Systems will be auditable and access to them logged Staff Assigned to Key Roles Staff, with appropriate levels of seniority, responsibility and expertise will be assigned to the key roles within IG. These individuals will have support from the Trust Board and will remain abreast of any relevant changes in policy, procedure etc. 9. Taking the Strategy Forward In order to take the Information Governance Strategy forward, the following action points need to be addressed: 9.1 Data audit and validation EEAST processes a vast amount of information that can directly affect patient care. It is essential that the accuracy of this information is checked on a regular basis to identify areas for improvement quickly. Regular audits of all the patient information systems in use within EEAST should be undertaken to identify any training needs. The Information Asset Owner for each system will be responsible for the validation process Staff information should also be maintained at the highest level of accuracy in order to comply with the Data Protection Act Staff information should be validated annually to ensure accuracy is maintained. 9.2 Public Confidence in the Management of Information All information processed within EEAST should be governed by policy. An Employees Code of Conduct for Confidentiality has been produced which details how information will be handled within the Trust. This has been made available via the Intranet and is also available to the public via the Freedom of Information Publication Scheme. Additional guidance for the public is also available on the Trust website. 9.3 Records Management Page 10 of 16
11 A Records Management Policy has been developed in order to allow the Trust to meet its obligations under the Freedom of Information Act This will also provide a greater focus on the need to maintain an effective means of accessing and controlling records. An appropriately trained records manager will oversee the adherence with this function. 9.4 Incident Reporting Staff should be encouraged to report incidents, no matter how minor they may appear. This would not only apply to clinical incidents, but also to information security breaches. These security incidents will be discussed at the Information Governance Group. Areas of weakness can be identified thereby preventing similar incidents occurring in the future. Serious Untoward Incidents relating to information security breaches will be reported to the Strategic Health Authority. 9.5 Business Continuity It is essential that the Trust has an up to date and tested business continuity plan in place. Failure to react effectively to a loss of services could have a detrimental effect on the care of patients. 9.6 Public Need and Involvement The views of the public should be included in service development. Results of patient surveys undertaken should be fed back to patient forums with details of any actions being taken as a consequence of these. 9.7 Government Legislation It is essential that all staff within EEAST comply with government legislation governing the use of information. Trust contracts will make specific mention of the requirement for confidentiality. 9.8 Quality Assurance The Trust will be committed to quality assurance in order to ensure that information processed is of the highest quality. 9.9 Information Governance Toolkit The Trust is committed to meeting the requirements of the IG Toolkit. By adhering to this initiative, the Trust will reduce the risks associated with poor information management. All relevant departments will be informed of their responsibilities via an agreed action plan Training The Learning and Development Unit of the Trust, in conjunction with the Information Governance Lead, is responsible for designing an Information Governance training package. This training is included within the mandatory training programme and uptake is monitored through the Learning and Development Unit. Information Governance is also included in the corporate induction programme and additional awareness raising exercises will be conducted on a regular basis via internal publications and workshops Registration Authority Page 11 of 16
12 Access to information will be on a strict need to know basis with all systems being audited on a regular basis. As part of the Connecting for Health programme, the Registration Authority (RA) will be responsible for authorising access to national information systems by means of a smart card. The RA function will be incorporated within the Information Governance Team Staff Responsibility for Information Governance Key staff throughout the Trust will be identified to have responsibility for Information Governance issues. These will work closely with the IG and Data Protection leads to ensure information is processed appropriately and securely. 10. Equality Impact Assessment An Equality impact Assessment has been undertaken. See Appendix B. 11. Dissemination and Implementation 11.1 Dissemination This Strategy will be disseminated to staff via the Trust intranet. Significant revisions and updates to the Policy will also be promoted in the staff bulletin Implementation Awareness of the Strategy and compliance with its requirements will be promoted via information governance training sessions, such as the induction programme for new Trust staff and annual refresher training for existing staff. The IG Team will monitor staff compliance with the requirements of the Strategy as part of their on-going work, and take action to rectify any perceived weaknesses in compliance as necessary. 12. Process for Monitoring Compliance and Effectiveness See Appendix A Monitoring Table. The security and integrity of the information processes within EEAST will be monitored for compliance by the Information Governance Group who will escalate any areas of concern to the Performance and Finance Committee. 13. Standards/Key Performance Indicators The Key Performance Indicator for this Strategy is satisfactory compliance with the requirements of the annual Information Governance Toolkit return. 14. References Page 12 of 16
13 Data Protection Act 1998 Freedom of Information Act 2000 Human Rights Act 1998 Access to Health Records Act 1990 Computer Misuse Act 1990 Crime and Disorder Act 1998 Electronic Communications Act Associated Documents Information Governance Policy Records Management Policy Information Security Policy Release of Information Policy Internet Use Policy Use Policy Freedom of Information Policy Page 13 of 16
14 Appendix A Monitoring Table What Who How Frequency Evidence Reporting arrangements Acting on recommendations Change in practice and lessons to be shared Information Governance Toolkit Information Governance Team. Progress reports from IG Team. Review of interim Toolkit scores. Review of independent internal audit reports. Bi-monthly updates at IGG. Annual report to Board. Formal written reports. Review by Information Governance Group. Formal progress reports will be discussed and required actions and timescales agreed. Decisions of the Group will be formally recorded in minutes. Head of Information Governance with support from the IG Team and designated IGG members. Review of processes underpinning the IG Toolkit scores, to improve the Trust s overall IG framework and hence compliance with the requirements of the Toolkit. Information Governance Risk Register Information Governance Team. SIRO. Progress reports from IG Team. Monitoring of the Trust Risk Register (4Risk). Bi-monthly updates at IGG. Annual report to Board. Summary reports from the 4Risk system. Review by Information Governance Group. Ongoing monitoring by the Risk Manager. Formal progress reports will be discussed at IGG and required actions and timescales agreed. Head of Information Governance. Other risk leads deemed responsible for the area where the IG risk occurs. Action taken to improve controls and mitigate any IG-related risks, reducing risk score. Decisions of the Group will be formally recorded in minutes. Information Governance Awareness Training Information Governance Team. Learning and Development. Training completion reports. Monthly reports from LDU. Bi-monthly updates at IGG. Formal written reports. Review by Information Governance Group. Ongoing monitoring by the Learning and Development Manager. Head of Information Governance. Learning and Development Manager. Action taken to ensure that all staff have completed either information governance induction training or annual refresher training. Page 14 of 16
15 Unit Formal progress reports will be discussed at IGG and required actions and timescales agreed. Decisions of the Group will be formally recorded in minutes. Page 15 of 16
16 Appendix B Equality Impact Assessment: Executive Summary Executive Summary Page for Equality Impact Assessment: Document Reference: Version 2.1 Document Title: IG Strategy Assessment Date: 23 rd July 2012 Responsible Director: Strategy and Bus. Dev. Document Type: Strategy Lead Manager: Head of IG Conclusion of Equality Impact Assessment: The Strategy is E&D neutral and has no impact, positive or negative. Recommendations for Action Plan: None. Risks Identified: None. Approved by a member of the executive team: YES Name: Adrian Matthews Signature: - by - Date: 25 th July 2012 NO Position: Director of Strategy & Business Development This whole document should be stored with the master document and a final approved electronic copy must be sent to the Equality & Diversity Lead at Bedford Office Page 16 of 16
INFORMATION GOVERNANCE STRATEGY
INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying
More informationInformation Governance Strategy 2015/16
Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal
More informationNHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety
More informationNHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing
More informationINFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK
INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire
More informationNHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16
NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Final No impact Document Ratified/Approved By Hartlepool
More informationAll CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.
Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,
More informationInformation Governance Strategy. Version No 2.0
Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent
More informationInformation Governance Strategy
Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationInformation Governance Policy
Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):
More informationA Question of Balance
A Question of Balance Independent Assurance of Information Governance Returns Audit Requirement Sheets Contents Scope 4 How to use the audit requirement sheets 4 Evidence 5 Sources of assurance 5 What
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Version: 3.2 Authorisation Committee: Date of Authorisation: May 2014 Ratification Committee Level 1 documents): Date of Ratification Level 1 documents): Signature of ratifying
More informationVersion Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation
Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy
More informationInformation Governance Strategy
Information Governance Strategy To whom this document applies: All Trust staff, including agency and contractors Procedural Documents Approval Committee Issue Date: January 2010 Version 1 Document reference:
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationInformation Governance Policy
Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath
More informationInformation Governance Framework and Strategy. November 2014
November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date
More informationInformation Governance Policy
Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version
More informationInformation Governance Strategy. Version No 2.1
Livewell Southwest Information Governance Strategy Version No 2.1 Notice to staff using a paper copy of this guidance. The policies and procedures page of LSW Intranet holds the most recent version of
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:
More informationInformation Governance Policy
Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September
More informationINFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK
INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic
More information1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.
Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review
More informationInformation Governance Policy
Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting
More informationINFORMATION GOVERNANCE POLICY
Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended
More informationInformation Governance Policy
Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date
More informationInformation Governance Policy
Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading
More informationInformation Governance Strategy :
Item 11 Strategy Strategy : Date Issued: Date To Be Reviewed: VOY xx Annually 1 Policy Title: Strategy Supersedes: All previous Strategies 18/12/13: Initial draft Description of Amendments 19/12/13: Update
More informationInformation Governance Plan
Information Governance Plan 2013 2015 1. Overview 1.1 Information is a vital asset, both in terms of the clinical management of individual patients and the efficient organisation of services and resources.
More informationMOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY
MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY Moorland is committed to ensuring that, as far as it is reasonably practicable, the way we provide services to the public and the way we treat
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:
More informationNHS Commissioning Board: Information governance policy
NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION
More informationNHS Waltham Forest Clinical Commissioning Group Information Governance Policy
NHS Waltham Forest Clinical Commissioning Group Information Governance Policy Author: Zeb Alam & David Pearce Version 3.0 Amendments to Version 2.1 Updates made in line with National Guidance and Legislation
More informationInformation Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff.
Information Governance Policy 1 SUMMARY This policy is intended to ensure that staff are fully aware of their Information Governance (IG) responsibilities, so that they can effectively manage and best
More informationInformation Governance Policy
Policy Policy Number / Version: v2.0 Ratified by: Audit Committee Date ratified: 25 th February 2015 Review date: 24 th February 2016 Name of originator/author: Name of responsible committee/individual:
More informationTrust Informatics Policy. Information Governance. Information Governance Policy
Trust Informatics Policy Information Governance Policy Reference: TIP/IG/IGP I:\IG\IGM\IGT\March 2011\Document Library\Policies\Approved/ - 1 Document Control Policy Title Author/Contact Document Reference
More informationInformation Governance Strategy
Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching
More informationJOB DESCRIPTION. Information Governance Manager
JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure
More informationInformation Incident Management and Reporting Procedures
` Information Incident Management and Reporting Procedures Compliance with all CCG policies, procedures, protocols, guidelines, guidance and standards is a condition of employment. Breach of policy may
More informationInformation Governance Framework
Information Governance Framework Authorship: Chris Wallace, Information Governance Manager Committee Approved: Integrated Audit and Governance Committee Approved date: 11th March 2014 Review Date: March
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval
More informationInformation Governance Strategy & Policy
Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information
More informationINFORMATION GOVERNANCE POLICY & FRAMEWORK
INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger
More informationBarnsley Clinical Commissioning Group. Information Governance Policy and Management Framework
Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of
More informationInformation Governance Policy
Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups
More informationSubject Access Request (SAR) Procedure
Subject Access Request (SAR) Procedure East and North Hertfordshire Clinical Commissioning Group Page 1 of 16 DOCUMENT CONTROL SHEET Document Owner: Chief Finance Officer Document Author(s): Anne Ephgrave
More informationINFORMATION GOVERNANCE AND DATA PROTECTION POLICY
INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy
More informationInformation Governance Policy (incorporating IM&T Security)
(incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationData Quality Policy SH NCP 2. Version: 5. Summary:
SH NCP 2 Summary: Keywords (minimum of 5): (To assist policy search engine) Target Audience: The Trust provides a framework to ensure all data that is recorded by the Trust is accurate and complies to
More informationHow To Ensure Information Security In Nhs.Org.Uk
Proforma: Information Policy Security & Corporate Policy Procedures Status: Approved Next Review Date: April 2017 Page 1 of 17 Issue Date: June 2014 Prepared by: Information Governance Senior Manager Status:
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY POLICY NO IM&T 011 DATE RATIFIED January 2012 NEXT REVIEW DATE January 2015 POLICY STATEMENT/KEY OBJECTIVE: To provide an overarching framework through which Information Governance
More informationInformation Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs
Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper
More informationNHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT
NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT 9.7 Date of the meeting 15/07/2015 Author Sponsoring Clinician Purpose of Report Recommendation J Green - Head
More informationINFORMATION GOVERNANCE POLICY
ENFIELD CLINICAL COMMISSIONING GROUP INFORMATION GOVERNANCE POLICY PLEASE DESTROY ALL PREVIOUS VERSIONS OF THIS DOCUMENT Enfield CCG Information Governance Policy Information Governance Policy (Policy
More informationInformation Incident Management. and Reporting Policy
Information Incident Management and Reporting Policy Policy ID IG10 Version: 1 Date ratified by Governing Body 21/3/2014 Author South CSU Date issued: 21/3/2014 Last review date: N/A Next review date:
More informationInformation Governance Policy
Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY
More informationLancashire County Council Information Governance Framework
Appendix 'A' Lancashire County Council Information Governance Framework Introduction Information Governance provides a framework for bringing together all of the requirements, standards and best practice
More informationNETWORK SECURITY POLICY
NETWORK SECURITY POLICY Policy approved by: Governance and Corporate Affairs Committee Date: December 2014 Next Review Date: August 2016 Version: 0.2 Page 1 of 14 Review and Amendment Log / Control Sheet
More informationD-CRIS Information Governance Assurance
D-CRIS Information Governance Assurance Date: 05 08 2013 Version: 1.0 Author: Murat Soncul Contents 1. Introduction... 3 2. CRIS Security Model... 3 3. SLaM Information Governance Framework... 4 4. Roles
More informationCONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE
This document is uncontrolled once printed. Please check on the CCG s Intranet site for the most up to date version CONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE Document Title: Contracts
More informationInformation Governance and Data Protection Policy
Information Governance and Data Protection Policy Page 1 of 21 Document Control Sheet Name of document: Version: Owner: File location / Filename: Information Governance and Data Protection Policy Final
More informationSOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager
SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY Report to the Trust Board 22 September 2015 Sponsoring Director: Author: Purpose of the report: Key Issues and Recommendations: Director
More informationHow To Ensure Network Security
NETWORK SECURITY POLICY Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Page 1 of 12 Review and Amendment Log/Control Sheet Responsible Officer:
More informationInformation Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.
Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments
More informationInformation Management Policy CCG Policy Reference: IG 2 v4.1
Information Management Policy CCG Policy Reference: IG 2 v4.1 Document Title: Policy Information Management Document Status: Final Page 1 of 15 Issue date: Nov-2015 Review date: Nov-2016 Document control
More informationInformation Governance Management Framework
Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date
More informationPolicy: D9 Data Quality Policy
Policy: D9 Data Quality Policy Version: D9/02 Ratified by: Trust Management Team Date ratified: 16 th October 2013 Title of Author: Head of Knowledge Management Title of responsible Director Director of
More informationGeneral Register Office for Scotland information about Scotland s people. Paper NHSCR GB 1/08. NHSCR Scotland Information Governance Standards
General Register Office for Scotland information about Scotland s people Paper NHSCR GB 1/08 NHSCR Scotland Information Governance s This is a draft on which the Board s comments would be welcome. Contents
More informationCORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY. December 2014
CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY December 2014 DOCUMENT INFORMATION Author: Barbara Sansom Information Governance Manager Equality Impact Assessment Consultation & Approval
More informationUSE OF PERSONAL MOBILE DEVICES POLICY
Policies and Procedures USE OF PERSONAL MOBILE DEVICES POLICY Date Approved by Information Strategy Group Version Issue Date Review Date Executive Lead Information Asset Owner Author 15.04.2014 1.0 01/08/2014
More informationSALISBURY NHS FOUNDATIONTRUST
SALISBURY NHS FOUNDATIONTRUST PAPER SHC 1738 TITLE Information Governance Policy PURPOSE OF PAPER The Information Governance Policy was first approved in April 2005. It is currently due for review to ensure
More informationRISK MANAGEMENT STRATEGY 2014-17
RISK MANAGEMENT STRATEGY 2014-17 DOCUMENT NO: Lead author/initiator(s): Contact email address: Developed by: Approved by: DN128 Head of Quality Performance Julia.sirett@ccs.nhs.uk Quality Performance Team
More informationPolicies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1
Policies for: Information Governance Information Quality Information Management Information Security Approved by: None this version Date approved: Name of originator/author: Ade Oduntan, Mike Hellier,
More informationPolicy Checklist. Head of Information Governance
Policy Checklist Name of Policy: Information Governance Policy Purpose of Policy: To provide guidance to all staff on their responsibilities regarding information governance and to ensure that the Trust
More informationInformation Governance Framework
Information Governance Framework March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aim 2 3 Purpose, Values and Principles 2 4 Scope 3 5 Roles and Responsibilities 3 6 Review 5 Appendix 1 - Information
More informationFurther to reports to EAG in February and March 2014, the purpose of this report is to;
Report to: Trust Board of Directors Date of Meeting: 29 May 2014 Report Title: Annual Information Governance Report 13/14 Status: Mark relevant box with X Prepared by: Executive Sponsor (presenting): Appendices
More informationNHS Waltham Forest Clinical Commissioning Group Information Governance Strategy
NHS Waltham Forest Clinical Commissioning Group Governance Strategy Author: Zeb Alam, CCG IG Lead, (NELCSU) David Pearce, Head of Governance, WFCCG Version 3.0 Amendments to Version 2.1 Annual Review Reference
More informationNHS Lanarkshire Information Governance Committee
INFORMATION GOVERNANCE COMMITTEE DRAFT TERMS OF REFERENCE Name Purpose NHS Lanarkshire Information Governance Committee To provide direction of and oversee the development of NHS Lanarkshire Information
More informationInformation Governance Policy
Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact
More informationInformation Governance Policy
Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its
More informationSouth East Coast Ambulance Service NHS Trust. Information Governance Working Group. Terms of Reference
South East Coast Ambulance Service NHS Trust Information Governance Working Group Terms of Reference 1. Constitution 1.1. The Board hereby resolves to establish a Working Group of the Risk Management &
More informationInformation Incident Management and Reporting Procedures
Information Incident Management and Reporting Procedures Compliance with all policies, procedures, protocols, guidelines, guidance and standards is a condition of employment. Breach of policy may result
More informationNo Smoking Policy. No Smoking Policy
No Smoking Policy Document Status Version: V2.0 Approved DOCUMENT CHANGE HISTORY Initiated by Date Author HR Version Date Comments (i.e. viewed, or reviewed, amended approved by person or committee) V1.1
More informationCCG: IG06: Records Management Policy and Strategy
Corporate CCG: IG06: Records Management Policy and Strategy Version Number Date Issued Review Date V3 08/01/2016 01/01/2018 Prepared By: Consultation Process: Senior Governance Manager, NECS CCG Head of
More informationInformation Governance Policy
Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route
More informationJob Description. Line Management of a small team of staff administrating and managing patient and professional feedback and incidents.
Job Description Job Title Pay Band Base Dept./Team Responsible to Accountable to Responsible for Complaints, Incidents and Governance Manager New Alderley House, Macclesfield Eastern Cheshire Clinical
More informationNetwork Security Policy
Department / Service: IM&T Originator: Ian McGregor Deputy Director of ICT Accountable Director: Jonathan Rex Interim Director of ICT Approved by: County and Organisation IG Steering Groups and their relevant
More informationHow To Manage Risk In Ancient Health Trust
SharePoint Location Non-clinical Policies and Guidelines SharePoint Index Directory 3.0 Corporate Sub Area 3.1 Risk and Health & Safety Documents Key words (for search purposes) Risk, Risk Management,
More informationPOLICY AND PROCEDURE FOR INFORMATION GOVERNANCE & INFORMATION RISK
1 TRUST-WIDE SERVICE BASED POLICY POLICY AND PROCEDURE FOR INFORMATION GOVERNANCE & INFORMATION RISK Policy Number: Scope of this Document: Recommending Committee: Approving Committee: IT12 All Staff Information
More informationGloucestershire Hospitals
Gloucestershire Hospitals NHS Foundation Trust TRUST POLICY In the case of hard copies of this policy the content can only be assured to be accurate on the date of issue marked on the document. The Policy
More informationInformation Governance Standards in Relation to Third Party Suppliers and Contractors
Information Governance Standards in Relation to Third Party Suppliers and Contractors Document Summary Ensure staff members are aware of the standards that should be in place when considering engaging
More informationDate of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.
Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5
More informationType of change. V02 Review Feb 13. V02.1 Update Jun 14 Section 6 NPSAS Alerts
Document Title Reference Number Lead Officer Author(s) (name and designation) Ratified By Central Alerting System (CAS) Policy NTW(O)17 Medical Director Tony Gray Head of Safety and Patient Experience
More informationDate of review: Information Governance Group January 2016. Policy Category: CONTENT SECTION DESCRIPTION PAGE
Title: Date Approved: January 2015 Division/Department: Corporate Services Corporate Records Policy Approved by: Date of review: Information Governance Group January 2016 Author (post-holder): Interim
More informationNHS Business Services Authority Information Security Policy
NHS Business Services Authority Information Security Policy NHS Business Services Authority Corporate Secretariat NHSBSAIS001 Issue Sheet Document reference NHSBSARM001 Document location F:\CEO\IGM\IS\BSA
More informationNorth Cumbria University Hospitals NHS Trust - FoI 000999 Enclosure 01. Job Description
1. JOB DETAILS Job Description Job title: Head of Communications and Reputation Management Accountable to: Director of Strategic Planning and Clinical Governance Location: Trust-wide across both hospital
More information