INFORMATION GOVERNANCE POLICY

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "INFORMATION GOVERNANCE POLICY"

Transcription

1 INFORMATION GOVERNANCE POLICY POLICY NO IM&T 011 DATE RATIFIED January 2012 NEXT REVIEW DATE January 2015 POLICY STATEMENT/KEY OBJECTIVE: To provide an overarching framework through which Information Governance requirements will be met ACCOUNTABLE DIRECTOR: Dave Tomlinson - Senior Information Risk Officer (SIRO) POLICY AUTHOR: Information Governance Lead Date of Issue: November of 25

2 Subject Information Governance Policy Applicable to Staff, colleagues, Service Users and Carers and families and applicable for all Trust business i.e. with contractors, agencies and partners Key Policy Issues Responsibilities, strategy and framework Date Issued January 2012 Dates Policy Reviewed January 2012 Next Review Due Date January 2015 Policy Written By Consultation Policy Reviewed By Lead Responsible for Policy Monitoring Arrangements Approved by Authorised by Information Governance Lead Clinical Records and IG Group, SIRO Advisory Group, IG Specialists SIRO, SIRO Advisory Group IG Assurance Lead, IG Specialist IG Assurance Lead By SIRO Advisory Group and IG Lead on annual basis SIRO/Director of Finance SIRO/Director of Finance Signature Date of Issue: January of 25

3 CONTENTS Executive Summary 2 Content Page Introduction Rationale Scope Principles... 4 Appendices 2.0 Responsibilities 2.1 Management Responsibilities Legal Compliance Policy 4.1 Information Governance management Openness Information Security Confidentiality Information Quality Assurance Improvement Plan and assessment Implementation Policy Links National Context Training Audit 12 Information Governance Requirements (IGT) 13 Information Governance Strategy 16 Information Governance IG e-learning Matrix 20 Information Governance Framework 21 Policy Equality and Diversity Assessment 22 Date of Issue: January of 25

4 1.0 INTRODUCTION 1.1 Information is a vital organisational asset, both in terms of the clinical management of individual patients and the efficient management of services and resources. It plays a key part in clinical governance, service planning and performance management. It is therefore of paramount importance to ensure that information is efficiently managed and that appropriate policies, procedures, management accountability and structures provide a robust governance framework for the continual improvement of information management. The Trust will establish and maintain policies and procedures to ensure compliance with requirements contained in the Information Governance Toolkit (IGT), and NHS Litigation Authority (NHSLA.) 1.2 Rationale The aim of the policy is to provide the employees of Lancashire Care NHS Foundation Trust with a simple framework through which the elements of Information Governance will be met. 1.3 Scope This policy applies to the governance of information produced, handled, used and transferred by the Trust including: Patient information paper and electronic Human resources information Finance information Governance information Organisational administrative information This policy covers all information systems purchased, developed and managed by or on behalf of the Trust, any individual directly employed or otherwise by the Trust and its partner organisations. 1.4 Principles The Trust recognises the need for an appropriate balance between openness and confidentiality in the management and use of its information. The Trust fully supports the principles of corporate governance and recognises its public accountability, but equally places importance on the confidentiality of, and the security arrangements to safeguard, both personal information about patients and staff and commercially sensitive information. The Trust also recognises the need to share patient information with other health organisations and other agencies in a controlled manner consistent with the interests of the patient and, in some circumstances, the public Date of Issue: January of 25

5 interest. These transfers of information are governed by a tiered Information Sharing Agreement signed either by the Chief Executive Officer (CEO), Senior Information Risk Officer (SIRO) or Caldicott Guardian. The Trust believes that accurate, timely and relevant information is essential to deliver the highest quality health care. As such it is the responsibility of all staff; administrative, clinical and management, to ensure and promote the quality of information and to actively use it in decision making processes. There are four key interlinked strands to the Information Governance Policy: Openness Legal Compliance Information Security Quality Assurance 2.0 RESPONSIBILITIES and ROLES 2.1 This policy, applies to all staff working within the Trust including any individual directly employed or otherwise by the organisation for example, third party contracting staff, temporary staff, locum or bank staff. Managers within the Trust are responsible for ensuring that the policy and its supporting standards and guidelines are built into local processes and that there is ongoing compliance. It is the role of the Trust board, or delegated sub-group or SIRO, to ratify Trust policy in respect of Information Governance, taking into account legal and NHS requirements. The board is also responsible for ensuring that sufficient resources are provided to support requirements of this policy. 2.2 Lancashire Care NHS Foundation (LCFT) Trust Board It is the role of the LCFT Board to define the Trust s Policy in respect of Information Governance, taking into account both legal and NHS requirements. The Board is also responsible for ensuring that sufficient resources are provided to support the requirements of the Policy. 2.3 Chief Executive Officer (CEO) The CEO as accountable officer of LCFT has overall accountability for Information Governance and will provide assurance through the Statement of Internal Control, that all information risks are effectively managed and mitigated. 2.4 Senior Information Risk Officer (SIRO) The Executive Director of Finance is the director responsible for Information Risk Assurance and is delegated as the Trust Senior Information Risk Officer (SIRO.) The SIRO takes ownership of Information Risk Policy, acts as an advocate for information risk on the Trust board and provides written Date of Issue: January of 25

6 advice to the Chief Executive Officer (CEO) on the content of the Statement of Internal Control in regard to information risk. 2.5 The SIRO is required to undertake strategic information risk management training as a minimum annually. 2.6 Key responsibilities of the SIRO are: To oversee the development of an Information Risk Policy and a strategy for implementing the policy within the existing Information Governance Framework To take ownership of the risk assessment process for information risk, including review of the annual information risk assessment to support and inform the Statement of Internal Control To ensure each network and services undertake risk assessments to form the basis of the network and Trust Enterprise Assurance Management register, identifying controls and assurance against the risks To review and agree action/s in respect of identified information risks To ensure that the Trust approach to information risk is effective in terms of resource, commitment and execution and that this is communicated to all staff To provide a focal point for the resolution and/or discussion of information risk issues To ensure the Board is regularly adequately briefed on information risk issues 2.7 The Caldicott Guardian is responsible for ensuring that LCFT processes satisfy the highest practical standards for handling patient information. The Caldicott Guardian for LCFT will be responsible for ensuring the safe recording, storing and retention of all personal data and ensuring all information flows are mapped to exclude any leaks of information. The Caldicott Guardian will ensure that investigations resulting from issues raised by the Information Governance Lead or Health Records Manager are arranged and overseen and all information sharing agreements are negotiated and signed on behalf of the Trust. 2.8 Information Governance Lead The Information Governance (IG) Lead is responsible for overseeing the day to day Information Governance issues, providing guidance to the organisation, developing and maintaining related policies, protocols, strategies and procedures within the Information Governance framework Date of Issue: January of 25

7 and agenda and raising awareness on an on- going basis to staff of all levels across the Trust. The IG lead is responsible for co-ordinating the Information Governance Toolkit annual submission and periodic returns, providing regulatory progress reports for Monitor and support internal and external audit assurance processes. The IG Lead will fully support and assist the SIRO and Caldicott Guardian and carry out any investigations relating to breaches of confidentiality, suspected or confirmed, 2.9 All Managers All Managers are responsible for ensuring that the Policy and it s supporting standards and guidance are built into local processes and that there is ongoing compliance on a day to day basis. Any breaches or suspected breaches of confidentiality or information security must be referred for immediate investigation All staff includes permanent, temporary, contractors, locums, bank staff and any individual who has been given access to Trust network or systems. Individuals are responsible for ensuring that they familiarise themselves with relevant policies and guidance and that they understand the responsibilities set out in them. If individuals are unsure about any aspect of a Policy or guidance they must seek clarification from their line manager or the Information Governance team. Staff must ensure that they are compliant with legislative and regulatory requirements on a day to day basis Information Governance training is mandatory for all staff and forms part of the Trust Mandatory Training Policy. Therefore all staff are required to undertake annual IG e-learning training. Completion of this training is monitored to ensure compliance with the Information Governance Toolkit standard. 3.0 LEGAL COMPLIANCE 3.1 The Trust will undertake or commission assessments and audits of its compliance with legal requirements and will establish and maintain policy to ensure compliance with the governing legislation. 3.2 The Trust regards all identifiable personal information relating to patients and staff as confidential except where legislation on accountability and openness requires otherwise. 3.3 The Trust will establish and maintain policies and procedures for the controlled and appropriate sharing of patient information with other agencies e.g. Social care, Third Sector, taking account of relevant legislation, for example the Health and Social Care Act, Crime and Disorder Act and the Protection of Children Act. Date of Issue: January of 25

8 4.0 POLICY 4.1 Information Governance Management Information Governance management across the Trust will be co-ordinated by the Clinical Records and Information Governance Group and they will coordinate liaison with appropriate organisational departments and sub committees as work streams require. Outcomes from this group will be reported to the SIRO and Executive Management Team and the Caldiott Guardian The membership of the Clinical Records and Information Governance Group comprises of: Deputy Caldicott Guardian Health Records Manager Information Governance Lead Clinical Governance and Risk Pharmacy Lead Associate DIr of IM&T Operational Service Managers Clinical Representation e.g. Secure Services and Psychology The responsibilities of the group include but are not limited to: To develop and implement a systematic and planned strategy for the management of clinical records from the moment the need for a record to be created is identified, through its creation and maintenance to its ultimate disposal. To ensure that the Trust has timely access to reliable information. To ensure that clinical records are managed in compliance with the NHS Code of Practice on Records Management and ensure professional standards. To ensure that clinical record management procedures meet the requirements set out under the Data Protection Act 1998, the Freedom of Information Act 2000 and the NHS Patient Guarantee. To ensure compliance with all aspects of the NHS Information Governance Toolkit standards 4.2 Openness Service users should have ready access to information relating to their own health care, their options for treatment and their rights as patients. There are clear procedures and arrangements for handling queries from patients and the public. See Access to Health Records Policy Non-confidential information on the Trust and its services should be available to the public through a variety of media, in line with the principle of openness. The Trust will establish and maintain policy to ensure Date of Issue: January of 25

9 compliance with the Freedom of Information Act 2000, Data Protection Act 1998, Caldicott principles and will undertake or commission an annual review of its policies and arrangements of openness Availability of information for operational purposes will be maintained within set parameters relating to its importance via appropriate procedures and computer system security The Trust will have clear procedures and arrangements for liaison with the press and broadcasting media and for handling queries from service users and the public The Trust will ensure that the exchange / sharing of any information is only carried out when necessary, within the arena in which the Trust has registered and within strict guidelines under which the information was obtained and outlined at the time or with the person s consent. 4.3 Information Security Lancashire Care will establish, develop and maintain policies and procedures for the effective and secure management of its information assets and resources. It will continually assess and improve its information and IT security arrangements The Trust will promote effective confidentiality and security practice to its staff through policies, procedures and training and establish and maintain incident reporting procedures. It will monitor and investigate all reported instances of actual or potential breaches of confidentiality and security. The Trust incident reporting system Datix must be used to report, monitor and investigate breaches or potential breaches of security The Trust requires all its staff to ensure that all measures are taken to protect personal identifiable information (PID) both manual and electronic e.g. locking away information, using passwords to logon on to systems, only storing information on secure networks. 4.4 Confidentiality The Trust regards all identifiable personal information relating to service users and staff as confidential Individuals will be made aware of their responsibilities at local induction and through policy and training Staff non compliance with legal and regulatory frameworks will be monitored and managed through the Trust disciplinary procedure Risk assessment, in conjunction with overall priority planning of organisational activity will be undertaken to determine appropriate effective Date of Issue: January of 25

10 and affordable information governance controls are in place with respect to new service developments. 4.5 Information Quality Assurance The Trust will establish and maintain policies and procedures for information quality assurance and the effective management of records Managers are expected to take ownership of, and seek to improve, the quality of information within their services Wherever possible, information quality should be assured at the point of collection Data standards will be set through clear and consistent definition of data items, in accordance with National standards Internal and external audit, and compliance with regulatory agencies and other quality assurance processes such as Monitor, CQC and NHS LA will support this policy 4.6 Assessment and Improvement Plans A regulatory self- assessment is required annually for NHS organisations to ensure compliance with requirements of the Information Governance Toolkit (IGT). The organisation will identify staff to undertake Administration, Reviewer and User roles as described in the Information Governance Toolkit (IGT) as appropriate to the Trust. These responsibilities will sit within the Information department Annual reports and proposed action and development plans will be presented to the Trust board, SIRO or nominated group for approval prior to submission to Connecting for Health and thereafter Monitor and CQC The requirements are grouped in the following initiatives: Information Governance Management Confidentiality and Data Protection Assurance Information Security Assurance Clinical Information Assurance Secondary Uses Assurance Corporate Information Assurance Date of Issue: January of 25

11 5.0 POLICY IMPLEMENTATION The policy will be advised via E-bulletin, the Trust Intranet and if deemed appropriate by the policy administration office, Chief Executive Team Brief. Copies of the policy will be disseminated to nominated policy file holders. 6.0 TRUST POLICY AND PROCEDURE LINKS Access to Health Records Policy(Including Subject Access) Data Quality Policy Communications Policy Staff Code of Conduct Control and Use of Mobile Devices Electronic Communications Policy Freedom of Information Policy IT Security Policy Procedure for Communicating Personal Identifiable Information Information Sharing Agreement/s Tier 0, Tier 1 and Tier 2 Professional records Keeping Policy Health Records Confidentiality and Security Policy Registration Authority Policy (NCRS Security) Research Governance Policy Safehaven Procedure 7.0 NATIONAL CONTEXT 8.0 TRAINING Connecting for Health Information Governance Toolkit Professional codes of conduct from the BMA, GMC and NMC and others including Allied Health professionals, Finance Professionals and NHS Managers NHS Code of Confidentiality NHS Code of Practice for Information Security NCRS Guarantee All staff attend a mandatory training programme as part of their induction that includes Information Governance. Staff must also undertake annual mandatory e-learning IG training. Further sessions can be scheduled and delivered as necessary upon request and will be tailored to the demands of various staff groups Additional modules are available and are both optional and recommended for specific roles which will support and enhance their knowledge aligned with their responsibilities e.g. SIRO, Information Asset Owners. Date of Issue: January of 25

12 8.1.3 Completion of mandatory e-learning IG Training modules are regularly monitored and reports provided to senior management and SIRO Background information on information governance is available on the NHS Connecting for Health website AUDIT Staff knowledge of Information Governance including Policy, procedure and practices will be monitored and assessed each year via a staff survey. This meets part of the IG training requirement of the Information Governance Toolkit. Date of Issue: January of 25

13 Requirement Information Governance Requirements Current at 2011 APPENDIX ONE 101 There is an adequate Information Governance Management Framework to support the current and evolving Information Governance agenda 105 There are approved and comprehensive Information Governance Policies with associated strategies and/or improvement plans 110 Formal contractual arrangements that include compliance with information governance requirements, are in place with all contractors and support organisations 111 Employment contracts which include compliance with information governance standards are in place for all individuals carrying out work on behalf of the organisation 112 Information Governance awareness and mandatory training procedures are in place and all staff are appropriately trained 200 The Information Governance agenda is supported by adequate confidentiality and data protection skills, knowledge and experience which meet the organisation s assessed needs 201 Staff are provided with clear guidance on keeping personal information secure and on respecting the confidentiality of service users 202 Personal information is only used in ways that do not directly contribute to the delivery of care services where there is a lawful basis to do so and objections to the disclosure of confidential personal information are appropriately respected 203 Individuals are informed about the proposed uses of their personal information 205 There are appropriate procedures for recognising and responding to individuals requests for access to their personal data 206 There are appropriate confidentiality audit procedures to monitor access to confidential personal information 207 Where required, protocols governing the routine sharing of personal information have been agreed with other organisations 209 All person identifiable data processed outside of the UK complies with the Data Protection Act 1998 and Department of Health guidelines 210 All new processes, services, information systems, and other relevant information assets are developed and implemented in a secure and structured manner, and comply with IG security accreditation, information quality and confidentiality and data protection requirements 300 The Information Governance agenda is supported by adequate information security skills, knowledge and experience which meet the organisation s assessed needs 301 A formal information security risk assessment and management programme for key Information Assets has been documented, implemented and reviewed 302 There are documented information security incident / event reporting and management procedures that are accessible to all staff 303 There are established business processes and procedures that satisfy the organisation s obligations as a Registration Authority 304 Monitoring and enforcement processes are in place to ensure NHS national application Smartcard users comply with the terms and conditions of use 305 Operating and application information systems (under the organisation s control) support appropriate access control functionality and documented and managed access rights are in place for all users of these systems Date of Issue: January of 25

14 307 An effectively supported Senior Information Risk Owner takes ownership of the organisation s information risk policy and information risk management strategy 308 All transfers of hardcopy and digital person identifiable and sensitive information have been identified, mapped and risk assessed; technical and organisational measures adequately secure these transfers 309 Business continuity plans are up to date and tested for all critical information assets (data processing facilities, communications services and data) and service - specific measures are in place 310 Procedures are in place to prevent information processing being interrupted or disrupted through equipment failure, environmental hazard or human error 311 Information Assets with computer components are capable of the rapid detection, isolation and removal of malicious code and unauthorised mobile code 313 Policy and procedures are in place to ensure that Information Communication Technology (ICT) networks operate securely 314 Policy and procedures ensure that mobile computing and teleworking are secure 323 All information assets that hold, or are, personal data are protected by appropriate organisational and technical measures 324 The confidentiality of service user information is protected through use of pseudonymisation and anonymisation techniques where appropriate 400 The Information Governance agenda is supported by adequate information quality and records management skills, knowledge and experience 401 There is consistent and comprehensive use of the NHS Number in line with National Patient Safety Agency requirements 402 Procedures are in place to ensure the accuracy of service user information on all systems and /or records that support the provision of care 404 A multi-professional audit of clinical records across all specialties has been undertaken 406 Procedures are in place for monitoring the availability of paper health/care records and tracing missing records 501 National data definitions, standards, values and validation programmes are incorporated within key systems and local documentation is updated as standards develop 502 External data quality reports are used for monitoring and improving data quality 504 Documented procedures are in place for using both local and national benchmarking to identify data quality issues and analyse trends in information over time, ensuring that large changes are investigated and explained 506 A documented procedure and a regular audit cycle for accuracy checks on service user data is in place 507 The Completeness and Validity check for data has been completed and passed 508 Clinical/care staff are involved in validating information derived from the recording of clinical/care activity 514 An audit of clinical coding, based on national standards, has been undertaken by a member of staff from the NHS Connecting for Health list of registered clinical coding auditors within the last 12 months 516 Training programmes for clinical coding staff entering coded clinical data are comprehensive and conform to national standards 601 Documented and implemented procedures are in place for the effective management of corporate records 603 Documented and publicly available procedures are in place to ensure compliance with the Freedom of Information Act 2000 Date of Issue: January of 25

15 604 As part of the information lifecycle management strategy, an audit of corporate records has been undertaken Date of Issue: January of 25

16 APPENDIX NO.2 INFORMATION GOVERNANCE STRATEGY This strategy sets out the approach to be taken within the Trust to provide a robust Information Governance Framework for the future management of information. 1.0 The Scope of the Strategy 1.1 Information Governance currently encompasses the following: Information Governance Management Confidentiality and Data Protection Assurance Information Security Assurance Clinical Information Assurance Secondary User Assurance Corporate Information Assurance 1.2 Information Governance has the following fundamental aims: To support the provision of high quality care by promoting the effective and appropriate use of information To encourage responsible staff to work closely together, preventing duplication of effort and enabling more efficient use of resources To develop support arrangements and provide staff with appropriate tools and support to enable them to discharge their responsibilities to consistently high standards To enable organisations to understand their own performance and manage improvement in a systematic and effective way 1.3 The Trust has a statutory responsibility to patients and the public to ensure that the services it provides has effective processes, policies and people in place to deliver its objectives in relation to holding and using confidential and personal information. Date of Issue: January of 25

17 1.4 This strategy outlines the approach the Trust will take to ensure that it develops effective information governance processes throughout the organisation, which will enable the Trust to deliver its objectives and meet its statutory and regulatory requirements. 2.0 Key Components of the Strategy 2.1 There are 2 key components underpinning this strategy which are: The Trust Information Governance Policy which outlines the objectives for Information Governance and Strategy An annual Action / Improvement Plan arising from a baseline assessment against the standards set out in the Connecting for Health Information Governance Toolkit. 2.2 The Clinical Records and Information Governance Group has overall responsibility for overseeing the implementation of this strategy, the Information Governance Policy and the Information Governance Improvement Plan. All will be subject to periodic review and progress reported to the SIRO and Trust Board. There is sufficient representation at the Clinical Records and Information Governance Group to ensure that Information Governance is embedded within organisational structure. 2.3 A key function of the Clinical Records and Information Governance Group is to monitor and review untoward incidents and occurrences relating to Information Governance. Such incidents should be recorded on the Caldicott Log and reviewed for appropriate action, progress and timely closure. 2.4 An Information Governance Action Plan identifying responsible leads will be agreed each year to ensure compliance against each of the requirements. This Improvement Plan forms part of the overall Board or SIRO endorsed Information Governance Strategy and includes established links to the Board Assurance Framework. Date of Issue: January of 25

18 3.0 Role and Responsibilities 3.1 The Executive Director of Finance, Estates & Facilities and IM&T is the named individual on the Trust Board with overall accountability for Information Governance and the Trust Senior Information Risk Officer (SIRO.) 3.2 The Medical Director is the Caldicott Guardian. This role is supported by a deputy Caldicott Guardian and the Health Records Manager is a delegated Authority. 3.3 The Information Governance Lead is the senior manager with responsibility for the Information Governance Agenda and reports to the Associate Director of IM&T. 3.4 This Strategy cannot be seen in isolation as information plays an integral part in Governance, Strategic Risk, Clinical Governance and Performance and Service Planning. The strategy therefore links into all of these aspects of the organisation and is reflected in the Governance strategy. In addition, the Trust board has identified Information Governance as a risk within the Board Assurance Framework. The implementation of this strategy will reduce the level of this risk. 3.5 The Information Governance Lead will identify associated resource implications incurred by the implementation and maintenance of the Information Governance Policy Improvement Action Plan and expansion of services. Approval will be agreed by either the Clinical Records and Information Governance Group and /or the Trust SIRO. Business cases may be prepared as appropriate. 3.6 Performance will be monitored by the Clinical Records and Information Governance Group and submitted via the Information Governance Toolkit as a minimum annually. 3.7 Fundamental to the success of delivering the Information Governance Strategy is developing an Information Governance culture within the Trust. This will be embedded into day to day work practices. This will be assessed using an annual staff survey to gauge individuals Information Governance knowledge and compliance. 3.8 Awareness and training will be provided to all Trust staff. Staff will be directed to use the mandatory IG training modules currently hosted by CfH (Connecting for Health.) This training forms part of the Trust Mandatory Training Policy. Additional training modules are (as optional and recommended) available for staff to complete particular to their work role and outlined in a training matrix as attached. Additional training modules should be discussed as part of the PDP process. Date of Issue: January of 25

19 4.0 Conclusion 4.1 The implementation of the Information Governance Strategy, Policy and Action Plan will ensure that information is more effectively managed in the organisation. A revised action plan will be developed annually against the Information Governance Toolkit requirements to identify areas for continuous improvement. Date of Issue: January of 25

20 Access to Health Records Business Continuity Manageemnt Clinical Information Systems Records Management & the NHS Code of Practice Patient Confidentiality Information Security Management Information Security Guidelines Secure Transfers of Personal Data NHS Information Risk for SIROs & IAOs Caldicott Guardian in the NHS & Social Care Password Management Beginners Gide to IG IG for Medical Secretaries Intro to IG or Refresher Training (as applicable) Designation Information Governance Policy Appendix No.3 INFORMATION GOVERNANCE IG E-LEARNING MATRIX Caldicott Guardian M R M R M Clinical Governance staff M R Clinical Systems Trainers M R R R R M Clinicians/Social Care staff M R R M R Community Admin M R R R R Facilities staff M R Finance staff M R Health Records staff M R R R M M HR staff M R R Informatics staff M R R R Information Asset Owners M R M R R Information Governance staff M R R R M M R M M M M M Information Security staff M R M R M M R IT staff M R R R R Medical Secretaries M R R R M R Non Executive Directors M R R Payroll staff M R Planning & Performance staff M R R R SAR Handlers M R R R M SIRO M R M R R Volunteers M R R M denote Mandatory modules R- denotes Recommended Modules Date of Issue: January of 25

21 INFORMATION GOVERNANCE FRAMEWORK Appendix no.4 External reporting Information Governance Policy CQC Stds / External Audit MONITOR CfH via IGT Trustboard Member TRUST BOARD Trustboard Member AUDIT COMMITTEE (Inc Internal Audits) SIRO ADVISORY GROUP SIRO attends EMT Governance EMT GOVERNANCE including Corporate, Clinical and Information Caldicott Guardian attends EMT Governance Caldicott Guardian (Max Marshall) Information Asset Owners (IAO s) IM&T Dept Including Information Governance function Corporate Records Management Group Clinical Records & IG Management Group Receives reports via PCUI SLA Information Quality & Records Mgmt Grp Health Records Management including health records stores External Standards Network Gov Groups Including Adult MH, Adult comm Secure and Children & Families Legislation e.g. DPA Operational service groups NHSLA Stds Date of Issue: January of 25

22 Lancashire Care NHS Foundation Trust Initial Equality Impact Assessment Department/Function IM&T Information Governance Lead person Michelle J Brammah Contact details Name of policy/procedure/service to be Information Governance Policy assessed Date of assessment Is this a new or existing policy/procedure/service? 1. Briefly describe the aims, objectives and purpose of the policy/procedure/service? Existing Policy Information is a vital organisational asset. It supports both clinical management and Corporate management. It plays a key role in patient care, service and performance management and governance. Date of Issue: January of 25 The Trust recognises the need for an appropriate balance between openness and confidentiality in the management and use of information. The aim of the Policy is to provide a simple framework for all Trust staff through which elements of Information Governance will be met. 2. Who is intended to benefit? Policy implementation will benefit staff working within the Trust including any person directly employed or indirectly employed e.g. 3 rd party contract staff, temporary staff, locums or temporary staff 3. What outcomes are wanted? There are several outcomes: 1. To raise staff awareness of the Information Governance Framework and identify the

23 management forums to which related issues can be presented 2. To ensure that all staff from senior level through to service level understand their responsibilities in terms of confidentiality and security of Trust information including patient, staff and corporate. 3. To set out expectations for Information Quality Assurance 4. To detail the use of Improvement plans in order to meet the requirement for regulatory annual self- assessment. 5. To outline the requirement of Mandatory Information Governance training for all Trust staff 4. Who are the main stakeholders? The main stakeholders are all staff working within the Trust including any person directly employed or indirectly employed e.g. 3 rd party contract staff, temporary staff, locums or temporary staff 5. Who is responsible for implementation? Section 2 of the Policy outlines all the key roles who should be involved with the application of the Policy from the Trust Board to the individual member of staff. Specifically the IG Lead is responsible for ensuring that the Policy is widely communicated through a variety of methods e.g. Trust weekly e-bulletin, Insight Magazine, Trust Intranet, Corporate Induction, Network Governance meetings. As part of the Monitoring and Compliance of the Policy, the IG Lead will include an awareness check in the annual IG Staff Survey. Line Management should ensure that staff comply with this policy and individuals are responsible for familiarising themselves with the procedure and associated guidance. Date of Issue: January of 25

24 6. Are there concerns that there could be differential impact on the following groups and what existing evidence do you have for this? People from a Black or minority ethnic background please explain and also include local demographics, monitoring of E and D (e.g. % of BME communities in East Lancashire is this % reflected in recruitment and/or service use?) Y N No. The application of this policy has equal relevance to all and makes no distinction to any particular group Women or men Y N No. Declaration of gender has no bearing on this Policy and applies to all groups People with disabilities or long term health conditions People with a particular religion or beliefs Y N No. This Policy applies equally to all staff and does not discriminate against people with disabilities or long term health conditions. Y N No. There is nothing intended or stated in the Policy that identifies or distinguishes a particular belief or religion Lesbian, gay,bisexual, trans people Y N No. Sexuality has no bearing on the adherence of the Policy Older or younger people Y N No. Regardless of age group the Policy is relevant based on the objectives stated above. Carers Y N No. There is no differential on this group. Assurance should be given by the principles set out in the Policy for the protection of information 7. Could any differential impact identified above be potentially adverse? 8. Can any adverse impact be justified on the grounds of promoting equality of opportunity? (e.g. single sex group, BME group) 9. Have you consulted with those who are likely to be affected? Y N No. Y N No Y N The Policy has been presented to the Clinical Records and Information Governance Group December Members were asked to provide comment and suggest any amendments or feedback to the IG Lead so that they could be reflected in the final version. Date of Issue: January of 25

25 10. Should the policy/procedure/service proceed to full impact assessment? Y N Information Governance Policy No. This is not required. No particular group is affected by implementation and therefore it does not warrant greater scrutiny I understand the impact assessment of this policy/procedure/service is a statutory obligation and take responsibility for the completion of this process. Names of assessors Michelle J Brammah IG Lead Sue Stone IG Specialist Date of assessment Date of next review Jan 2015 Date of Issue: January of 25

Information Governance Policy

Information Governance Policy Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring

More information

Policy Document Control Page

Policy Document Control Page Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version

More information

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY Moorland is committed to ensuring that, as far as it is reasonably practicable, the way we provide services to the public and the way we treat

More information

Information Governance Policy

Information Governance Policy Policy Policy Number / Version: v2.0 Ratified by: Audit Committee Date ratified: 25 th February 2015 Review date: 24 th February 2016 Name of originator/author: Name of responsible committee/individual:

More information

INFORMATION GOVERNANCE STRATEGY

INFORMATION GOVERNANCE STRATEGY INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying

More information

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2. Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments

More information

Information Governance Policy

Information Governance Policy Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy. Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version: 3.2 Authorisation Committee: Date of Authorisation: May 2014 Ratification Committee Level 1 documents): Date of Ratification Level 1 documents): Signature of ratifying

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):

More information

Information Governance Toolkit Report 2013/14

Information Governance Toolkit Report 2013/14 TAUNTON AND SOMERSET NHS FOUNDATION TRUST Information Governance Toolkit Report 2013/14 Report to: Trust Board on: 28 May 2014 Purpose of the Report: This report is presented to the Trust Board for information

More information

Information Governance Strategy. Version No 2.0

Information Governance Strategy. Version No 2.0 Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent

More information

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid. Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,

More information

A Question of Balance

A Question of Balance A Question of Balance Independent Assurance of Information Governance Returns Audit Requirement Sheets Contents Scope 4 How to use the audit requirement sheets 4 Evidence 5 Sources of assurance 5 What

More information

Gloucestershire Hospitals

Gloucestershire Hospitals Gloucestershire Hospitals NHS Foundation Trust TRUST POLICY In the case of hard copies of this policy the content can only be assured to be accurate on the date of issue marked on the document. The Policy

More information

Information Governance Strategy 2015/16

Information Governance Strategy 2015/16 Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal

More information

Surrey & Sussex Healthcare NHS Trust

Surrey & Sussex Healthcare NHS Trust Surrey & Sussex Healthcare NHS Trust An Organisation-wide Policy for Information Governance (IG) Version 1.3 Status Ratified Date Ratified March 2008 Name of Owner Name of Sponsor Group Name of Ratifying

More information

Information Governance Plan

Information Governance Plan Information Governance Plan 2013 2015 1. Overview 1.1 Information is a vital asset, both in terms of the clinical management of individual patients and the efficient organisation of services and resources.

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath

More information

Information Governance Policy (incorporating IM&T Security)

Information Governance Policy (incorporating IM&T Security) (incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

SALISBURY NHS FOUNDATIONTRUST

SALISBURY NHS FOUNDATIONTRUST SALISBURY NHS FOUNDATIONTRUST PAPER SHC 1738 TITLE Information Governance Policy PURPOSE OF PAPER The Information Governance Policy was first approved in April 2005. It is currently due for review to ensure

More information

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading

More information

Information Governance Policy

Information Governance Policy Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY

More information

Information Governance Policy. Church Road Medical Practice

Information Governance Policy. Church Road Medical Practice Information Governance Policy Church Road Medical Practice Version No: 1.0 Issue Date: March 2015 INFORMATION GOVERNANCE POLICY 1. Summary Information is a vital asset, both in terms of the clinical management

More information

NHS Commissioning Board: Information governance policy

NHS Commissioning Board: Information governance policy NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching

More information

Information Governance Strategy. Version No 2.1

Information Governance Strategy. Version No 2.1 Livewell Southwest Information Governance Strategy Version No 2.1 Notice to staff using a paper copy of this guidance. The policies and procedures page of LSW Intranet holds the most recent version of

More information

Information Governance Toolkit Assessment 2009/10

Information Governance Toolkit Assessment 2009/10 Information Governance Toolkit Assessment 2009/10 Document Reference: Version: Ratified by: Date ratified: Name of originator/author: Name of responsible committee/individual: Document owner: Document

More information

Trust Board Meeting: Wednesday 12 November 2014 TB

Trust Board Meeting: Wednesday 12 November 2014 TB Trust Board Meeting: Wednesday 12 November 2014 Title Update on Information Governance: Mid-Year Selfassessment against Information Governance Toolkit Status History For discussion Bi-annual Update Board

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:

More information

Trust Informatics Policy. Information Governance. Information Governance Policy

Trust Informatics Policy. Information Governance. Information Governance Policy Trust Informatics Policy Information Governance Policy Reference: TIP/IG/IGP I:\IG\IGM\IGT\March 2011\Document Library\Policies\Approved/ - 1 Document Control Policy Title Author/Contact Document Reference

More information

Information Governance Strategy :

Information Governance Strategy : Item 11 Strategy Strategy : Date Issued: Date To Be Reviewed: VOY xx Annually 1 Policy Title: Strategy Supersedes: All previous Strategies 18/12/13: Initial draft Description of Amendments 19/12/13: Update

More information

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of

More information

Policy Checklist. Head of Information Governance

Policy Checklist. Head of Information Governance Policy Checklist Name of Policy: Information Governance Policy Purpose of Policy: To provide guidance to all staff on their responsibilities regarding information governance and to ensure that the Trust

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy To whom this document applies: All Trust staff, including agency and contractors Procedural Documents Approval Committee Issue Date: January 2010 Version 1 Document reference:

More information

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety

More information

CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY. December 2014

CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY. December 2014 CORPORATE POLICY & PROCEDURE NO. 7 INFORMATION GOVERNANCE POLICY December 2014 DOCUMENT INFORMATION Author: Barbara Sansom Information Governance Manager Equality Impact Assessment Consultation & Approval

More information

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing

More information

INFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT

INFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT INFORMATION GOVERNANCE POLICY & STRATEGY FINAL DRAFT Prepared By: Alistair Stewart Responsible Person: Endorsed by: Information Governance Committee Date: May 2008 Review: June 2009 Issue Number Draft

More information

INFORMATION GOVERNANCE POLICY & FRAMEWORK

INFORMATION GOVERNANCE POLICY & FRAMEWORK INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger

More information

Information Governance Framework and Strategy. November 2014

Information Governance Framework and Strategy. November 2014 November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:

More information

INFORMATION RISK MANAGEMENT POLICY

INFORMATION RISK MANAGEMENT POLICY INFORMATION RISK MANAGEMENT POLICY DOCUMENT CONTROL: Version: 1 Ratified by: Steering Group / Risk Management Sub Group Date ratified: 21 November 2012 Name of originator/author: Manager Name of responsible

More information

Information Governance Policy

Information Governance Policy BEXLEY CARE TRUST MANAGEMENT MANUAL Title: INFORMATION GOVERNANCE POLICY Originating Department: IT DEPARTMENT Authorised by: Risk Management Committee June 2008 Reference no: CA12 Date of Issue: JANUARY

More information

Lancashire County Council Information Governance Framework

Lancashire County Council Information Governance Framework Appendix 'A' Lancashire County Council Information Governance Framework Introduction Information Governance provides a framework for bringing together all of the requirements, standards and best practice

More information

Information Security Policy

Information Security Policy Information Security Policy JUNE 2014 Author Responsibility Lynda Harris, Head of Information Governance, Central Eastern CSU, Bedfordshire and Luton All staff Effective Date June 2014 Review Date June

More information

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Final No impact Document Ratified/Approved By Hartlepool

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY NWAS Information Governance Policy Page: Page 1 of 10 Date of Issue: January 2014 Date of Review February 2015 Recommended by Approved by Information Governance Management

More information

Information Governance Strategy & Policy

Information Governance Strategy & Policy Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information

More information

Information Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff.

Information Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff. Information Governance Policy 1 SUMMARY This policy is intended to ensure that staff are fully aware of their Information Governance (IG) responsibilities, so that they can effectively manage and best

More information

SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager

SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY Report to the Trust Board 22 September 2015 Sponsoring Director: Author: Purpose of the report: Key Issues and Recommendations: Director

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY Version 8.0 Purpose: For use by: This document is compliant with /supports compliance with: To outline the lifecycle of a record and to provide guidance on retention and disposal

More information

NHS Business Services Authority Information Governance Policy

NHS Business Services Authority Information Governance Policy NHS Business Services Authority Information Governance Policy NHS Business Services Authority Corporate Secretariat NHSBSAIGM002 Issue Sheet Document reference NHSBSAIGM002 Document location F:\CEO\IGM\Info

More information

Information Security Policy

Information Security Policy Information Security Policy Reference No: Version: 5 Ratified by: CG007 Date ratified: 26 July 2010 Name of originator/author: Name of responsible committee/individual: Date approved by relevant Committee:

More information

NHS Waltham Forest Clinical Commissioning Group Information Governance Policy

NHS Waltham Forest Clinical Commissioning Group Information Governance Policy NHS Waltham Forest Clinical Commissioning Group Information Governance Policy Author: Zeb Alam & David Pearce Version 3.0 Amendments to Version 2.1 Updates made in line with National Guidance and Legislation

More information

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy

More information

Policy: D9 Data Quality Policy

Policy: D9 Data Quality Policy Policy: D9 Data Quality Policy Version: D9/02 Ratified by: Trust Management Team Date ratified: 16 th October 2013 Title of Author: Head of Knowledge Management Title of responsible Director Director of

More information

JOB DESCRIPTION. Information Governance Manager

JOB DESCRIPTION. Information Governance Manager JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure

More information

USE OF PERSONAL MOBILE DEVICES POLICY

USE OF PERSONAL MOBILE DEVICES POLICY Policies and Procedures USE OF PERSONAL MOBILE DEVICES POLICY Date Approved by Information Strategy Group Version Issue Date Review Date Executive Lead Information Asset Owner Author 15.04.2014 1.0 01/08/2014

More information

RISK MANAGEMENT STRATEGY 2014-17

RISK MANAGEMENT STRATEGY 2014-17 RISK MANAGEMENT STRATEGY 2014-17 DOCUMENT NO: Lead author/initiator(s): Contact email address: Developed by: Approved by: DN128 Head of Quality Performance Julia.sirett@ccs.nhs.uk Quality Performance Team

More information

This Policy supersedes the following Policy, which must now be destroyed :

This Policy supersedes the following Policy, which must now be destroyed : Document Title Reference Number Lead Officer Author(s) (name and designation) Ratified by Removable Media: Data Encryption Policy NTW(O)30 Lisa Quinn Executive Director of Performance and Assurance Sue

More information

Information Governance Framework

Information Governance Framework Information Governance Framework Authorship: Chris Wallace, Information Governance Manager Committee Approved: Integrated Audit and Governance Committee Approved date: 11th March 2014 Review Date: March

More information

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper

More information

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.

Date of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE. Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5

More information

Information Governance Standards in Relation to Third Party Suppliers and Contractors

Information Governance Standards in Relation to Third Party Suppliers and Contractors Information Governance Standards in Relation to Third Party Suppliers and Contractors Document Summary Ensure staff members are aware of the standards that should be in place when considering engaging

More information

Information Security and Governance Policy

Information Security and Governance Policy Information Security and Governance Policy Version: 1.0 Ratified by: Information Governance Group Date ratified: 19 th October 2012 Name of organisation / author: Derek Wilkinson Name of responsible Information

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY ENFIELD CLINICAL COMMISSIONING GROUP INFORMATION GOVERNANCE POLICY PLEASE DESTROY ALL PREVIOUS VERSIONS OF THIS DOCUMENT Enfield CCG Information Governance Policy Information Governance Policy (Policy

More information

INFORMATION GOVERNANCE

INFORMATION GOVERNANCE This document is uncontrolled once printed. Please refer to the Trusts Intranet site (Procedural Documents) for the most up to date version INFORMATION GOVERNANCE NGH-PO-233 Ratified By: Procedural Document

More information

Information governance policy

Information governance policy Information governance policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSAIGM002a S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review IG Policy\Current

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact

More information

Information Governance Lead

Information Governance Lead Peninsula Community Health Information Governance Policy Title: Information Governance Policy Procedural Document Type: Policy Reference: CO-IG-P04 CQC Outcome: Version: 2.0 Approved by: Information Governance

More information

Information Governance Policy and Management Framework

Information Governance Policy and Management Framework Information Governance Policy and Management Framework Policy Number: IG01 Version: 3.0 Ratified by: Governing Body Date ratified: February 2016 Name of originator/author: Louise Chatwyn Information Governance

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups

More information

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE

More information

Information Governance Management Framework

Information Governance Management Framework Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date

More information

Information Governance policy

Information Governance policy Information Governance policy Key Points Information is a vital asset, both in terms of the clinical management of individual patients and the efficient management of services and resources throughout

More information

Information Security Policy

Information Security Policy Information Security Policy v2.0 Target Audience: Policy Endorsed by: ESCC Staff, members and other agencies handling ESCC information Governance Committee Final V2.0 Page 1 of 13 Information Security

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from August 2009 Date last amended August 2009

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval

More information

BEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE

BEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE GUIDANCE 1 TITLE: INFORMATION GOVERNANCE FRAMEWORK 2 POLICY AREA: INFORMATION GOVERNANCE 3 ACCOUNTABLE DIRECTOR FOR POLICY AREA: DIRECTOR OF QUALITY AND GOVERNANCE 4 GUIDANCE DRAFTED BY: INTEGRATED GOVERNANCE

More information

Information Governance Training Plan v13

Information Governance Training Plan v13 Information Governance Training Plan To meet requirements of IGT v13 Lincolnshire East Clinical Commissioning Group Page 1 of 17 Contents Introduction Page 3 Training Provision Page 4 Staff Induction Awareness

More information

IG: Third Party Contracts and Contractors Policy

IG: Third Party Contracts and Contractors Policy IG: Third Party Contracts and Contractors Policy Document Summary This policy provides guidance on the Information Governance arrangements that need to be considered and / or implemented when engaging

More information

South East Coast Ambulance Service NHS Trust. Information Governance Working Group. Terms of Reference

South East Coast Ambulance Service NHS Trust. Information Governance Working Group. Terms of Reference South East Coast Ambulance Service NHS Trust Information Governance Working Group Terms of Reference 1. Constitution 1.1. The Board hereby resolves to establish a Working Group of the Risk Management &

More information

Type of change. V02 Review Feb 13. V02.1 Update Jun 14 Section 6 NPSAS Alerts

Type of change. V02 Review Feb 13. V02.1 Update Jun 14 Section 6 NPSAS Alerts Document Title Reference Number Lead Officer Author(s) (name and designation) Ratified By Central Alerting System (CAS) Policy NTW(O)17 Medical Director Tony Gray Head of Safety and Patient Experience

More information

INFORMATION ASSURANCE DOCUMENTED PLAN

INFORMATION ASSURANCE DOCUMENTED PLAN NHS South West Lincolnshire Clinical Commissioning Group (CCG) INFORMATION ASSURANCE DOCUMENTED PLAN Document History: Document Reference: Document Purpose: IG18 To provide guidance to all CCG staff about

More information

INFORMATION GOVERNANCE STRATEGY NO.CG02

INFORMATION GOVERNANCE STRATEGY NO.CG02 INFORMATION GOVERNANCE STRATEGY NO.CG02 Applies to: All NHS LA employees, Non-Executive Directors, secondees and consultants, and/or any other parties who will carry out duties on behalf of the NHS LA.

More information

INFORMATION ASSURANCE DOCUMENTED PLAN

INFORMATION ASSURANCE DOCUMENTED PLAN INFORMATION ASSURANCE DOCUMENTED PLAN Document Reference: Document Purpose: IG20 Date Approved: Approving Committee: To provide guidance to all CCG staff about the CCG s documented plan for Information

More information

Data Quality Policy SH NCP 2. Version: 5. Summary:

Data Quality Policy SH NCP 2. Version: 5. Summary: SH NCP 2 Summary: Keywords (minimum of 5): (To assist policy search engine) Target Audience: The Trust provides a framework to ensure all data that is recorded by the Trust is accurate and complies to

More information