Serius Infrmatin Gvernance Incidents - OverVIEW
|
|
- Milton Bridges
- 3 years ago
- Views:
Transcription
1 Serius Infrmatin Gvernance Incident Plicy UNIQUE REF NUMBER: AC/IG/019/V1.2 DOCUMENT STATUS: Apprved by Audit Cmmittee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June P age
2 AMENDMENT HISTORY VERSION DATE AMENDMENT HISTORY V1 June 2013 Versin apprved by Audit Cmmittee 19 June 2013 AC/IG/019/V1.1 December 2013 Additin f branding and frmatting changes in line with Plicy fr Develpment f Plicies AC/IG/019/V1.2 February 2014 Additin f unique reference number prir t publicatin REVIEWERS NAME DATE TITLE/RESPONSIBILITY VERSION Dnna Dallaway June 2013 CSU Infrmatin Gvernance Manager V1 Matthew Hartland June 2013 Chief Finance Officer V1 Julia Dixn June 2013 Staff Side Representative V1 APPROVALS This dcument has been apprved by: NAME DATE TITLE/RESPONSIBILITY VERSION CCG Audit 19 June 2013 Delegated authrity frm the Bard V1 Cmmittee NB: The versin f this plicy used n the intranet must be a PDF cpy f the apprved versin. DOCUMENT STATUS This is a cntrlled dcument. Whilst this dcument may be printed, the electrnic versin psted n the intranet is the cntrlled cpy. Any printed cpies f the dcument are nt cntrlled. RELATED DOCUMENTS These dcuments will prvide additinal infrmatin: REFERENCE NUMBER AC/IG/008 AC/IG/010 AC/IG/011 AC/IG/013 AC/IG/014 AC/IG/016 AC/IG/020 AC/IG/002 DOCUMENT TITLE Crprate Recrds Plicy Data Prtectin Plicy Plicy and Cde f Cnduct Freedm f infrmatin Plicy Infrmatin Gvernance Plicy Infrmatin Gvernance Tlkit Plicy Infrmatin Security Plicy Passwrd Management Plicy RA (Smartcard) Plicy Safe Haven Plicy Staff Cde f Cnduct n Cnfidentiality VERSION APPLICABLE LEGISLATION Data Prtectin Act 1998 Human Rights Act 1998 Freedm f Infrmatin Act 2000 Access t Health Recrds Act 1990 (where nt superseded by the Data Prtectin Act) Cmputer Misuse Act Cpyright, Designs and Patent s Act 1998 (as amended by the Cpyright Cmputer Prgrams Regulatins 1992) 2 P age
3 Crime and Disrder Act Electrnic Cmmunicatins Act 2000 Regulatry f Investigatry Pwers Act 2000 Cmmn Law Duty f Cnfidentiality Natinal Health Service Act 1977 Natinal Health Service Act 2006 Health and Scial Care Act 2012 GLOSSARY OF TERMS TERM ACRONYM DEFINITION Serius Untward Incident SUI Any incident invlving the actual r ptential lss f persnal infrmatin that culd lead t identity fraud r cause ther significant distress t individuals shuld be cnsidered as serius. The definitin applies irrespective f the media invlved and includes lss f bth electrnic and paper recrds. Infrmatin Cmmissiner Office ICO The Infrmatin Cmmissiner s Office is the UK s independent authrity set up t uphld infrmatin rights in the public interest, prmting penness by public bdies and data privacy fr individuals. Find ut mre abut ur rganisatin. Senir Infrmatin Risk Officer SIRO Takes wnership f infrmatin risk and is a key factr in successfully raising the prfile f infrmatin risks and t embedding infrmatin risk management int Dudley CCG s culture. 3 P age
4 CONTENTS PAGE NO POLICY OVERVIEW Intrductin Purpse Wh this Plicy applies t 5 THE POLICY Definitin f an Infrmatin Gvernance Incident Immediate respnse t an Infrmatin Gvernance 5 Serius Untward Incident 6.0 Assessing the Severity f the Incident Reprting t the Infrmatin Gvernance Team Reprting t the Department f Health Infrming Patients Maintaining an Infrmatin Gvernance Incident File Securing Key Infrmatin including Healthcare Recrds Strage and Cpying f Secured Recrds Respnsibilities f the Senir Representative Incidents and Disciplinary Actins Disciplinary Prcess Dcument Decisin Making Onging Cmmunicatin with Infrmatin Gvernance Team Embedding the Actins and Learning Reprting Arrangements and Assurances External Reprting Mechanisms Dealing with the Media Mnitring Cmpliance 12 4 P age
5 POLICY OVERVIEW 1.0 Intrductin 1.1 This plicy defines the cre principles and prcedures assciated with the prcess f reprting and learning frm serius infrmatin gvernance incidents r events ccurring within Dudley CCG. 1.2 This Plicy acts as an appendix t lcal verarching Risk Management/Serius Incident Reprting Plicies. 1.4 The safe haven cncept f restricting access t identifiable data, albeit in a lgical cntext, is required t supprt the prcess that enables de-identified recrds t be created. 2.0 Purpse 2.1 The plicy prvides Dudley CCG staff with a framewrk in regards t the reprting f Serius Infrmatin Gvernance Incidents. 2.2 The purpse f this plicy is twfld. Firstly t prvide effective guidance t all managers and members f staff s as t ensure that they are fully aware f their individual rles and respnsibilities regarding the reprting and learning frm infrmatin gvernance incidents, and secndly t utline the gvernance structures and prcesses within Dudley CCG fr reprting f infrmatin gvernance incidents, analysis f events, disseminatin f relevant infrmatin cncerning trends and ensuring that lessns are learnt bth internally and externally t Dudley CCG. 3.0 Wh this Plicy applies t 3.1 The plicy applies t any persn directly emplyed by, cntracted r vlunteering with Dudley CCG. 3.2 The plicy applies t all staff, including thse n temprary cntracts and will be universally applied acrss all services within Dudley CCG t actively enhance the verall effectiveness and efficiency f rganisatinal learning frm infrmatin gvernance incidents s as t benefit bth staff and service users. THE POLICY 4.0 Definitin f Serius Infrmatin Gvernance Incident 4.1 As a guide, any incident invlving the actual r ptential lss f persnal infrmatin that culd lead t identity fraud r cause ther significant distress t individuals shuld be cnsidered as serius. 4.2 The abve definitin applies irrespective f the media invlved and includes lss f bth electrnic and paper recrds. 5.0 Immediate Respnse t Serius Infrmatin Gvernance Incident 5.1 In the first instance reprt the incident t yur line manager wh will then reprt it t the Infrmatin Gvernance Team. The incident will then be graded and reprted via the Infrmatin Gvernance Incident Reprting Tl fr the reprting f infrmatin gvernance serius incidents requiring investigatin t the Department f Health, Infrmatin Cmmissiner s Office and ther regulatrs, when apprpriate. 5 P age
6 5.2 If the incident invlves the lss f infrmatin regarding children r vulnerable adults the lcal Safeguarding Lead must be infrmed immediately. 5.3 Dudley CCG shuld have rbust plicies in place t ensure that apprpriate senir staff are ntified immediately f all incidents invlving data lss r breaches f cnfidentiality. 5.4 Where incidents ccur ut f hurs, n-call Directrs r ther nminated individuals shuld be infrmed f the incident and they shuld take actin t infrm the apprpriate cntacts. 6 P age
7 6.0 Identifying a Serius Infrmatin Gvernance Incident 6.1 The immediate respnse t the incident and the escalatin prcess fr reprting and investigating will vary accrding t the severity f the incident. Fllwing review f the table belw if the incident is nt classed as serius it shuld still be reprted via the n line reprting system. 6.2 Risk assessment methds cmmnly categrise incidents accrding t the likely cnsequences, with the mst serius being categrised as a 5 e.g. an incident shuld be categrised at the highest level that applies when cnsidering bth the characteristics and the risk f the incident. The table belw has been devised by the Department f Health specifically t grade infrmatin gvernance incidents, which is different frm the risk assessment matrix used fr ther types f incident) N significant reflectin n any individual r bdy. Media interest very unlikely Damage t an individual s reputatin. Pssible media interest e.g. celebrity invlved Damage t a team s reputatin. Sme lcal media interest that may nt g public Damage t a service s reputatin / lw key lcal media cverage Damage t an rganisatin s reputatin / lcal media cverage Damage t NHS reputatin / natinal media cverage Minr breach f cnfidentiality. Only a single individual affected Ptentially serius breach. Less than 5 peple affected r risk assessed as lw e.g. files were encrypted Serius ptential breach and risk assessed high e.g. unencrypted clinical recrds lst. Up t 20 peple affected Serius breach f cnfidentiality e.g. up t 100 peple affected Serius breach with either particularly sensitive infrmatin e.g. sexual health details, r, up t 1000 peple affected Serius breach with ptential fr ID theft r ver 1000 peple affected 7 P age
8 7.0 Reprting t the Infrmatin Gvernance Team 7.1 The serius infrmatin gvernance incident (all incidents rated as 1 5 as per the table n page 7) shuld be reprted t the Infrmatin Gvernance team. The prcess is s that this can be lgged and given a reference number. The 24 hur reprt and investigatin cmmence. The fllwing infrmatin shuld be prvided in each case:- Date, time and lcatin f the incident Type f Incident: Cnfidential Infrmatin Leak Cntact details fr lcal incident manager Cnfirmatin that apprpriate and dcumented incident management prcedures are being fllwed and that disciplinary actin will be invked where apprpriate fllwing the investigatin Descriptin f what happened: Theft, accidental lss, inapprpriate disclsure, prcedural failure, etc The number f patients/staff (individual data subjects) invlved The number f recrds invlved The media (paper, electrnic) f the recrds If electrnic media, whether encrypted r nt The type f recrd r data invlved and sensitivity Whether the SUI is in the public dmain Whether the media (press etc) are invlved r there is a ptential fr media interest Whether there are legal implicatins fr the CCG Initial assessment f level f SUI (see table at Annex A and 4.2 Assessing the Incident Level ). Whether the fllwing have been ntified (frmally r infrmally): Data subjects Caldictt Guardian Senir Infrmatin Risk Owner Chief Executive Accunting Officer Infrmatin Cmmissiner fr SUI level 3 and abve Plice, Cunter Fraud Branch, etc Immediate actin taken, including whether any staff have been suspended pending the results f the investigatin 7.2 Reprting f the incident shuld be undertaken as sn as practically pssible (and n later than 24 hurs f the incident during the wrking week). 7.3 If there is any dubt as t whether r nt an incident meets the SUI reprting criteria, the Infrmatin Gvernance team shuld be cntacted fr advice. 7.4 Early infrmatin, n matter hw brief, is better than full infrmatin that is t late. Dudley CCG shuld keep the Infrmatin Gvernance team infrmed f any significant develpments in internal/external investigatins, as apprpriate. 8.0 Reprting t the Department f Health 8.1 Health and Scial Care rganisatins have an nging respnsibility t reprt infrmatin gvernance incidents t the Department f Health and histrically this was thrugh Strategic Health Authrities (SHAs) and Primary Care Trusts (PCTs), but as these 8 P age
9 establishments n lnger exist frm April 2013, there will be n representatin t take respnsibility fr ensuring the Department f Health are kept infrmed mving frward. The nline infrmatin gvernance reprting f SUIs via the Infrmatin Gvernance Tlkit has been develped jintly with the Infrmatin Cmmissiner s Office t reduce the rganisatinal burden f reprting incidents and an attempt has been made t align Department f Health and Infrmatin Cmmissiner Office prcesses. Once an incident is recrded as a Level 2 severity by using this tl an autmated ntificatin will be sent t Department f Health, the Infrmatin Cmmissiner s Office and relevant regulatrs if required. 8.2 The Department f Health will review the incident and determine the need t brief Ministers and/r take ther actin at a natinal level. 9.0 Infrming Patients 9.1 Cnsideratin shuld always be given t infrming patients when persnal cnfidential data abut them has been lst r inapprpriately placed in the public dmain. Where there is any risk f identity theft it is strngly recmmended that this is dne. 9.2 Being pen (please refer t lcal Being Open Plicy) when things g wrng is an essential element within ensuring effective partnership between patients and Dudley CCG. The Natinal Health Service Litigatin Authrity strngly advcates prfessinals t be hnest and transparent with patients and their relatives, especially when supprting them pst incident. 9.3 The NHS Litigatin Authrity states that it is bth natural and desirable t sympathise and express srrw r regret f the harm caused. Such an expressin wuld nt cnstitute an admissin f liability. In additin it is nted that many patients and relatives ften ask fr a detailed explanatin f the circumstances surrunding an incident, therefre it wuld be deemed gd practice t prvide the facts. Such penness can ften prevent incidents frm becming frmal cmplaints and litigatin claims. Staff are advised that further guidance in respect t this issue can be btained frm the Infrmatin Gvernance team Maintaining Infrmatin Gvernance Incident File 10.1 A cpy f all reprts shuld be sent t the Infrmatin Gvernance team wh will ensure that all serius infrmatin gvernance incidents are apprpriately filed within the department s as t ensure effective tracking f incident investigatins, rbust risk management prcess and apprpriate rganisatinal learning takes places A cpy f the final reprt f the investigatin shall be placed within the relevant investigatin file held by the Infrmatin Gvernance team and the Infrmatin Gvernance Tlkit reprt will be updated t indicate lessns learnt Securing Key Infrmatin including Healthcare Recrds 11.1 Clinical and Dudley CCG dcumentatin can play an imprtant part in understanding the rt causes f an adverse incident. Therefre it is essential t preserve such infrmatin at the earliest pprtunity Advice shuld be taken frm the Infrmatin Gvernance team t determine which dcuments shuld be retained. 9 P age
10 11.3 If the data lss is due t criminal activity the site where the lss ccurred shuld be preserved until the Plice arrive Strage and Cpying f Secured Recrds 12.1 The senir representative will be respnsible fr making suitable arrangements fr the strage and cpying f secured recrds Respnsibilities f the Senir Representative 13.1 Fr the purpse f this plicy, the fllwing individuals are cnsidered t have the apprpriate levels f respnsibility and experience t undertake the rle f senir representative:- Chief Officer On Call Directr Heads f 13.2 Senir representatives are als respnsible fr ensuring all staff invlved in the incident are apprpriately supprted, and this may include:- Visiting the site and talking with staff Ensuring access t debriefing/cunselling as required Arranging practical and emtinal supprt and cnsidering whether staff are fit t cntinue wrking their shift fr that day Ensuring arrangements are made fr patients and their carers/relatives are infrmed f the incident, and are given supprt. Patients rights t cnfidentiality must be cnsidered and any cnsent t disclsure f infrmatin is dcumented within their ntes The ptin f staff side/unin assistance is available fr supprt The senir representative will als discuss the serius incident with the Infrmatin Gvernance team t agree if the incident is a serius incident r can be classed as an incident r near miss The Infrmatin Gvernance team will als liaise with relevant Directrs/Managers t determine the mst apprpriate CCG respnse t the event, and this will be either: Stand the incident dwn, r Cmmence an investigatin 13.5 Once this decisin has been reached a cnfirmatin will be generated and sent t the relevant parties Incidents and Disciplinary Actins 14.1 It is essential that as part f the serius incident prcess that attentin is paid t determining whether r nt any disciplinary actin may be required Disciplinary Prcess 15.1 Attentin is drawn t hw the investigatinal prcess shuld never be utilised as part f a disciplinary prcess; indeed if any grunds fr disciplinary actin are identified these must be addressed separately fllwing guidance identified in lcal disciplinary plicies. 10 P age
11 15.2 Attentin is als drawn t hw, in exceptinal circumstances, the incident may need referral t the Plice. This decisin shuld be made in cnsultatin with the Chief Accuntable Officer, Senir Incident Reprting Officer (SIRO), Human Resurces lead and the Infrmatin Gvernance team Dcumenting Decisin Making 16.1 Please nte that in all circumstances when a decisin is made t either undertake an investigatin r stand dwn the incident, a full recrd f the ratinale fr this must be dcumented by the Infrmatin Gvernance team Onging Cmmunicatin with the Infrmatin Gvernance Team 17.1 If it has been agreed that an investigatin is required, the Infrmatin Gvernance team shuld be infrmed f the fllwing:- Team members (name and psitin) and cntact details Terms f Reference fr the investigatin Deadlines fr cmpletin f investigatin, including changes t deadline if applicable Media interest Final reprt 18.0 Embedding the Actins and Learning 18.1 Individuals/teams wh led the investigatin and the senir team representative f the department where the incident ccurred are t meet with the Head f Infrmatin Gvernance t discuss findings and actins Reprting Arrangements and Assurances 19.1 The final investigatin reprt and agreed actins shuld be reprted t the lcal Audit Cmmittee as per lcal prcess The Head f Infrmatin Gvernance t bring t the attentin f the SIRO fr infrmatin and actin as apprpriate External Reprting Mechanisms 20.1 The Infrmatin Gvernance team will ensure that all reprting f serius infrmatin gvernance incidents t rganisatins external t the health service, i.e. Infrmatin Cmmissiner s Office takes place in a timely and efficient manner Dealing with the Media 21.1 Any member f staff receiving such enquires (especially thse relating t serius incidents) directly frm a member f the press must decline t supply any details. In such circumstances staff are advised t direct all calls t Dudley CCG s Cmmunicatins Department. This will ensure security is nt breached and patients, relatives and emplyees are prtected. The Chief Accuntable Office and Head f Cmmunicatins will determine hw ften they will require updates, dependent n media interest The Cmmunicatins Team shuld then infrm the Infrmatin Gvernance team if there has been any media interest regarding the serius infrmatin gvernance incident. 11 P age
12 22.0 Mnitring Cmpliance 22.1 Staff are expected t cmply with the requirements set ut within the Serius Infrmatin Gvernance Incident Plicy and related plicies. Cmpliance will be mnitred via Manager and IG Team reprts f spt checks, cmpletin f staff questinnaires, incidents reprted, electrnic audit trails and submissin f the Infrmatin Gvernance Tlkit Nn adherence t the Serius Infrmatin Gvernance Incident Plicy and related plicies will result in lcal disciplinary plicies being implemented. 12 P age
Personal Data Security Breach Management Policy
Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner
More informationKey Steps for Organizations in Responding to Privacy Breaches
Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins
More informationCASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT
CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT Plicy Number: 2.20 1. Authrity Lcal Gvernment Act 2009 Lcal Gvernment Regulatin 2012 AS/NZS ISO 31000-2009 Risk Management Principles
More informationProcess for Responding to Privacy Breaches
Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident
More informationData Protection Act Data security breach management
Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing
More informationNational Australia Bank Limited Group Disclosure & External Communications Policy
Natinal Australia Bank Limited Grup Disclsure & External Cmmunicatins Plicy Grup Disclsure & External Cmmunicatins Plicy Page 2 f 7 Grup Disclsure & External Cmmunicatins Plicy ( the Plicy ) 1. Overview
More informationMalpractice and Maladministration Policy
TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs
More informationnbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents.
Incident & Hazard Reprting Overview At nbn we are safe, disciplined and reliable. nbn is cmmitted t preventing injury, illness and envirnmental harm by prviding a safe and healthy wrking envirnment fr
More informationCorporate Standards for data quality and the collation of data for external presentation
The University f Kent Crprate Standards fr data quality and the cllatin f data fr external presentatin This paper intrduces a set f standards with the aim f safeguarding the University s psitin in published
More informationLINCOLNSHIRE POLICE Policy Document
LINCOLNSHIRE POLICE Plicy Dcument 1. POLICY IDENTIFICATION PAGE POLICY TITLE: ICT CHANGE & RELEASE MANAGEMENT POLICY POLICY REFERENCE NO: PD 186 POLICY OWNERSHIP: ACPO Cmmissining Officer: Prtfli / Business-area
More informationFinance, Performance and Risk Committee 2014/2015
Finance, Perfrmance and Risk Cmmittee 2014/2015 Date f Meeting: 17 December 2014 Agenda Item: Click here t enter text. Subject: Infrmatin Gvernance Plicy Reprting Officer: Paul Byrne Lead IG Manager Aim
More informationUniversity of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
More informationChange Management Process
Change Management Prcess B1.10 Change Management Prcess 1. Intrductin This plicy utlines [Yur Cmpany] s apprach t managing change within the rganisatin. All changes in strategy, activities and prcesses
More informationInternet and E-Mail Policy User s Guide
Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationHandling professional conduct complaints against doctors
Handling prfessinal cnduct cmplaints against dctrs Handling prfessinal cnduct cmplaints against dctrs Handling prfessinal cnduct cmplaints against dctrs Avant supprts: à a natinally cnsistent apprach t
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationBriefing 4 Inquests and the disclosure of information to the coroner
briefing February 2013 The Francis Reprt Briefing 4 Inquests and the disclsure f infrmatin t the crner Key chapters Key recmmendatins 2, 11, 14, 22 274, 45, 273, 282, 283, 17 There is a requirement nt
More informationDraft for consultation
Draft fr cnsultatin Draft Cde f Practice n discipline and grievance May 2008 Further infrmatin is available frm www.acas.rg.uk CONSULTATION ON REVISED ACAS CODE OF PRACTICE ON DISCIPLINE AND GRIEVANCE
More informationMulti-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021
Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada
More informationPublic consultation paper
Public cnsultatin paper Nvember 2012 Public cnsultatin n guidelines fr prfessinal indemnity insurance arrangements fr nurses and nurse practitiners. Please prvide feedback by email t: nmbafeedback@ahpra.gv.au
More informationRisk Management Policy AGL Energy Limited
Risk Management Plicy AGL Energy Limited AUGUST 2014 Table f Cntents 1. Abut this Dcument... 2 2. Plicy Statement... 2 3. Purpse... 2 4. AGL Risk Cntext... 3 5. Scpe... 3 6. Objectives... 3 7. Accuntabilities...
More informationHeythrop College Disciplinary Procedure for Support Staff
Heythrp Cllege Disciplinary Prcedure fr Supprt Staff Intrductin 1. This prcedural dcument des nt apply t thse academic-related staff wh are mentined in the Cllege s Ordinance, namely the Librarian and
More informationCROPREDY SURGERY Dr J Wright & Dr B Tucker
CROPREDY SURGERY Dr J Wright & Dr B Tucker POLICY - COMPLAINTS Intrductin The bjectives f the cmplaints plicy are as fllws. Any cmplaint is dealt with in an effective and timely manner The cmplainant is
More informationPADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700
PADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700 Plicy Title Versin Number Date Issued Critical Incident Management Plicy 2.0 Nvember 2007 Reviewed April 2010 June 2015 Definitin Critical incidents
More informationHow To Deal With A Data Breach In The European Law
Data Prtectin: Regulating Cyber Security Jnathan Bamfrd Head f Strategic Liaisn Hw des DP regulatin affect cyber security? Data Prtectin Act 1998: apprpriate security Privacy and Electrnic Cmmunicatin
More informationEnvironment Protection Authority
Envirnment Prtectin Authrity EPA Cmplaints Management Plicy Intrductin This plicy sets ut the purpse, principles and prcess fr hw custmer feedback, including cmplaints, will be managed in the EPA t imprve
More informationCHANGE MANAGEMENT STANDARD
The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the
More informationInternal Audit Charter and operating standards
Internal Audit Charter and perating standards 2 1 verview This dcument sets ut the basis fr internal audit: (i) the Internal Audit charter, which establishes the framewrk fr Internal Audit; and (ii) hw
More informationGeneral Records Authority 33. Accredited Training
General Recrds Authrity 33 2012/00579704 Accredited Training February 2013 This is an accurate reprductin f the authrised recrds authrity cntent, created fr accessibility purpses CONTENTS INTRODUCTION
More informationData Protection Policy & Procedure
Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015
More informationCreating an Ethical Culture and Protecting Your Bottom Line:
Creating an Ethical Culture and Prtecting Yur Bttm Line: Best Practices fr Crprate Cdes f Cnduct Nte: The infrmatin belw and all infrmatin n this website is nt meant t be taken as legal advice. Please
More informationEqual Pay Audit 2014 Summary
Equal Pay Audit 2014 Summary Abut the dcument The fllwing summary is an abridged versin f Ofcm s equal pay audit 2014. In the full versin f the reprt we set ut ur key findings, cmment n any issues arising
More informationGravesham Borough Council
Classificatin: Part 1 Public Key Decisin: Please specify - N Gravesham Brugh Cuncil Reprt t: Perfrmance and Administratin Cmmittee Date: 12 Nvember 2015 Reprting fficer: Subject: Crprate Perfrmance Manager
More informationRemote Working (Policy & Procedure)
Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer
More informationAUDIT AND RISK COMMITTEE TERMS OF REFERENCE
AUDIT AND RISK COMMITTEE TERMS OF REFERENCE 1. TITLE OF COMMITTEE Audit and Risk Cmmittee 2. ESTABLISHMENT The Audit and Risk Cmmittee is established under Part 3 Sectin 19(1) f the Charles Darwin University
More informationAudit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd
Audit Cmmittee Charter St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Versin 2.0, 22 February 2016 Apprver Bard f Directrs St Andrew
More informationTHE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM
THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant
More informationDisplayNote Technologies Limited Data Protection Policy July 2014
DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f
More informationProfessional indemnity insurance arrangements for enrolled nurses, registered nurses and nurse practitioners
Guideline August 2013 Prfessinal indemnity insurance arrangements fr enrlled nurses, registered nurses and nurse practitiners Intrductin This guideline has been develped by the Nursing and Midwifery Bard
More informationBusiness Continuity Management Policy
Business Cntinuity Management Plicy Versin: 1.0 Last Amendment: Apprved by: Library Cuncil f New Suth Wales Plicy wner/spnsr: Directr, Operatins and Chief Financial Officer Plicy Cntact Officer: Senir
More informationPrivacy Breach and Complaint Protocol
Privacy Breach and Cmplaint Prtcl Effective: December 31, 2012 Apprved by: Le McKenna, CFO 1.0 General Privacy breaches and privacy cmplaints will be handled in accrdance with this prtcl. This prtcl is
More informationAudit Committee Charter
Audit Cmmittee Charter Membership The Audit Cmmittee (the "Cmmittee") f the Bard f Directrs (the "Bard") f Philip Mrris Internatinal Inc. (the "Cmpany") shall cnsist f at least three directrs all f whm
More informationTITLE: RECORDS AND INFORMATION MANAGEMENT POLICY
TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act
More informationPrivacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.
Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive
More informationDRUG, ALCOHOL AND SUBSTANCE MISUSE POLICY FOR THE WORKPLACE
DRUG, ALCOHOL AND SUBSTANCE MISUSE POLICY FOR THE WORKPLACE Intrductin Write yur business name here recgnises that drug, alchl and substance misuse are grwing scial and medical prblems, which can lead
More informationFinancial Accountability Handbook
Financial Accuntability Handbk >> Vlume 5 Reprting Systems Infrmatin Sheet 5.2 Preparatin f Financial Statements Intrductin The Financial Accuntability Act 2009 (the Act) and the Financial and Perfrmance
More informationTexas Woman's University University Policy Manual
Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September
More informationHuman Resources Policy pol-020
Human Resurces Plicy pl-020 Versin: 2.00 Last amendment: Jul 2014 Next Review: Jul 2017 Apprved By: Cuncil Date: 04 May 2005 Cntact Officer: Directr, Office f Human Resurce Services INTRODUCTION The University
More informationE-Business Strategies For a Cmpany s Bard
DATATEC LIMITED BOARD CHARTER / TERMS OF REFERENCE 1. CONSTITUTION The primary bjective f the Cmpany s Bard Charter is t set ut the rle and respnsibilities f the Bard f Directrs ( the Bard ) as well as
More informationPENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK
Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs
More informationKey Steps to Responding to Privacy Breaches. Nova Scotia Freedom of Information and Protection of Privacy Review Office
Key Steps t Respnding t Privacy Breaches Nva Sctia Freedm f Infrmatin and Prtectin f Privacy Review Office ~ 1 ~ ~ 1 ~ 1 ~ Key Steps t Respnding t Privacy Breaches 1 Key Key Steps Steps t t Respnding
More informationOUR DISCIPLINARY POLICY
OUR DISCIPLINARY POLICY WHO is this plicy fr? Channel 4 emplyees wh ve passed their prbatinary perid Channel 4 managers This plicy des nt frm part f any emplyee s cntract f emplyment and we may amend it
More informationSchool Psychology Program: Fitness to Practice Policy
Schl Psychlgy Prgram: Fitness t Practice Plicy This Fitness t Practice Plicy applies t all students upn enrllment in the Schl Psychlgy Prgram, and remains in effect until cmpletin f the Prgram. It is imprtant
More informationPrivacy and Security Training Policy (PS.Pol.051)
Privacy and Security Training Plicy (PS.Pl.051) Purpse T define the plicies and prcedures fr prviding privacy and security training in respect f the CnnectingGTA Slutin. Definitins Electrnic Service Prvider
More informationBLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS
BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin
More informationMSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER
MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER This Audit Cmmittee Charter has been amended as f July 17, 2015. The Audit Cmmittee shall review and reassess this Charter annually and recmmend
More informationNHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY
NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY 1 DOCUMENT CONTROL SHEET Name f Dcument: Safehaven Plicy Versin: 1 File Lcatin / Dcument Name: Held by Senir Infrmatin Risk Owner (SIRO):
More informationProject Open Hand Atlanta. Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES
Prject Open Hand Atlanta Effective Date: April 14, 2003 Health Insurance Prtability and Accuntability Act (HIPAA) The Health Insurance Prtability and Accuntability Act f 1996 (HIPAA) directs health care
More informationWaitemata District Health Board, 15 Shea Terrace, Takapuna
Date: Octber 2015 Jb Title: Quality and Audit Manager Department: Planning, Funding and Outcmes Unit Lcatin: Waitemata District Health Bard, 15 Shea Terrace, Takapuna Reprting t: Directr Funding Direct
More informationCommunicating Deficiencies in Internal Control to Those Charged with Governance and Management
Internatinal Auditing and Assurance Standards Bard ISA 265 April 2009 Internatinal Standard n Auditing Cmmunicating Deficiencies in Internal Cntrl t Thse Charged with Gvernance and Management Internatinal
More informationSources of Federal Government and Employee Information
Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities
More informationHow To Ensure That The Internet Is Safe For A Health Care Worker
POLICY Dc. Cde: IS I5 INTERNET - ACCEPTABLE USE Applicable t: MidCentral DHB Including MidCentral Health & Enable NZ Issued by: Infrmatin Systems Cntact: Manager Service Delivery 1. PURPOSE This plicy
More informationAn employer s Guide to engaging an occupational health physician
An emplyer s Guide t engaging an ccupatinal health physician When and why d emplyers need the services f ccupatinal physicians? Being in business invlves risk. Business pprtunities are inherently uncertain
More informationBusiness Plan 2014-15
Cmmissin fr Lcal Administratin in England Business Plan 2014-15 All Business Plan activity is linked t ur fur Strategic Objectives LGO Business Plan 2014-2015 v web 3 Page 1 descriptin 1. Prvide a cmplaints
More informationFERRIS STATE UNIVERSITY SCHOOL of NURSING CODE of CONDUCT
1 FERRIS STATE UNIVERSITY SCHOOL f NURSING CODE f CONDUCT The Schl f Nursing (SON) at Ferris State University uphlds the University Cde f Student Cnduct and the American Nurses Assciatin Cde f Ethics.
More informationFAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT
FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028
More informationCOMPREHENSIVE SAFETY ASSESSMENT INSTRUCTIONS for STUDY ABROAD PROGRAMS
COMPREHENSIVE SAFETY ASSESSMENT INSTRUCTIONS fr STUDY ABROAD PROGRAMS Belw is a list f items t address and questins that need t be addressed in the cmprehensive safety assessment. In additin t the safety
More informationHow To Write A Scial Media Plicy
Scial Media Plicy Scial Media Plicy Recrd Number D14/78 Respnsible Manager Directr Business Supprt and Strategy Manager Custmer and Cmmunicatins Last reviewed 11 February 2014 Adptin reference Cuncil Reslutin
More informationChapter 7 Business Continuity and Risk Management
Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity
More informationOrganisational self-migration guide an overview V1-5 April 2014
Organisatinal self-migratin guide an verview V1-5 April 2014 Cpyright 2013, Health and Scial Care Infrmatin Centre. 1 Self Migratin t NHSmail an verview fr rganisatins Cntents Intrductin 3 1. Initial preparatins
More informationEmployees - recruitment, records and monitoring
Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,
More informationHow To Write An Ehsms Training, Awareness And Competency Procedure
Envirnmental, Health & Safety Management System (EHSMS) Dcument Number: 00122 Issue Date: 05/07/2014 Training, Awareness and Cmpetency Prcedure Revisin Number: 7 Prepared By: Stalcup, Bryce Apprved By:
More informationUNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES
UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES REFERENCES AND RELATED POLICIES A. UC PPSM 2 -Definitin f Terms B. UC PPSM 12 -Nndiscriminatin in Emplyment C. UC PPSM 14 -Affirmative
More informationSELDOC Complaints policy 2011-2013 2
Cmplaints Plicy Reviewed by Clinical Gvernance Cmmittee Date effective December 2011 Supersedes March 2011 Next review date December 2013 Respnsible fr plicy Clinical Gvernance Cmmittee Apprved by Bard
More informationGUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More informationCLEARANCE REVIEWS FOR STUDENT RESTRICTION ISSUES OTHER THAN ACADEMIC PROGRESS
CLEARANCE REVIEWS FOR STUDENT RESTRICTION ISSUES OTHER THAN ACADEMIC PROGRESS Only the Ministry f Training, Clleges & Universities can cnsider clearance reviews fr mst ther student restrictin issues. These
More informationThere are a number of themed areas for which the Council has responsibility, and each of these is likely to generate debts of a specific type:
Wiltshire Cuncil Crprate Debt Recvery Plicy: 29102010 WILTSHIRE COUNCIL CORPORATE DEBT RECOVERY POLICY 1. Intrductin The Cuncil raises a significant prprtin f its ttal incmes thrugh lcal taxes and charges,
More informationState Fleet Card Oversight Usage and Responsibilities
State Fleet Card Oversight Usage and Respnsibilities Intrductin The Department f General Services (DGS), Office f Fleet and Asset Management (OFAM) administers a statewide ne-prvider payment system cntract
More informationNursing Jobs Description and Profile of a Health & Medical Assistant
HOLY CROSS HOSPITAL JOB DESCRIPTION AND CANDIDATE PROFILE Jb title: Respnsible t: Accuntable t: Key wrking relatinships: Staff Nurse Ward Sister Directr f Clinical Services Directr f Clinical Services,
More informationCustomer Care Policy
Custmer Care Plicy Page 1 f 12 CUSTOMER CARE POLICY Keighley & District Vlunteer Centre and Bradfrd Vlunteer Centre are independent charities that wrk in partnership t prmte vlunteering and t supprt lcal
More informationResearch Governance Policy
Research Gvernance Plicy 1. Scpe and Purpse 2. Need fr a research gvernance plicy T meet the requirements f funding bdies T manage risk T imprve the quality f research T prtect the quality f research T
More informationHealth and Safety Training and Supervision
Intrductin: Health and Safety Training and Supervisin University f Nttingham is cmmitted t maintaining and develping standards f excellence in all aspects f its business. T that end, the University aspires
More informationVCU Payment Card Policy
VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this
More informationPlanning a Successful State LEADS Program
Planning a Successful State LEADS Prgram A Suggested Timeline fr State Federatins Spring State Cnventins Annunce the current year s LEADS candidate at the state Cnventin. Use the pprtunity t build enthusiasm
More informationJunior Medical Officer. Supervision Guideline SAMPLE ONLY
Junir Medical Officer Supervisin Guideline SAMPLE ONLY Versin 1.0 February 2011 The Junir Dctr Supervisin Guideline has been develped by SA IMET t prvide facilities with a plicy guideline. Facilities may
More informationHelicopter Landing Sites Planning, Implementation and Management
Directive # QH-HSD-039:2013 Effective Date: 01 July 2013 Review Date: 01 July 2016 Supersedes: Nil Landing Sites Planning, Implementatin and Management Purpse The purpse f this Health Service Directive
More informationHow to put together a Workforce Development Fund (WDF) claim 2015/16
Index Page 2 Hw t put tgether a Wrkfrce Develpment Fund (WDF) claim 2015/16 Intrductin What eligibility criteria d my establishment/s need t meet? Natinal Minimum Data Set fr Scial Care (NMDS-SC) and WDF
More informationNTW(HR)24 V01.2 The Use of Social Networking Sites and New Media Policy
Dcument Title Reference Number Lead Officer Authr(s) (name and designatin) Ratified by Scial Media Plicy NTW(HR)24 Jhn Lawlr, Chief Executive Will Green, Head f Cmmunicatins Trust-wide Plicy Grup Date
More information1.0 Purpose This document prescribes requirements for work health and safety (WHS) incident reporting, investigation and corrective action.
WHS INCIDENT REPORTING AND INVESTIGATION PROCEDURE [WHS.06] 1.0 Purpse This dcument prescribes requirements fr wrk health and safety (WHS) incident reprting, investigatin and crrective actin. Definitins
More informationFINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service.
FINANCIAL OPTIONS 1. Fr thse patients wh carry dental insurance, all c-payments are due n date f service. We will file yur claim as a service t yu, and will d ur very best t maximize yur benefits. We accept
More informationSECTION J QUALITY ASSURANCE AND IMPROVEMENT PROGRAM
Audit Manual Sectin J SECTION J QUALITY ASSURANCE AND IMPROVEMENT PROGRAM Ref. Plicy and Practice Requirements IIA Standards and Other references J 1 Plicy: The Head f Internal Audit shall develp and maintain
More informationResearch Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012
Research Reprt Abstract: The Emerging Intersectin Between Big Data and Security Analytics By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm Nvember 2012 2012 by The Enterprise Strategy Grup, Inc.
More informationTemplate on written coordination and cooperation arrangements of the supervisory college established for the <XY> Group/<A> Institution
COORDINATION AND COOPERATION ARRANGEMENTS EBA/RTS/2014/16 EBA/ITS/2014/07 Annex II Template n written crdinatin and cperatin arrangements f the supervisry cllege established fr the Grup/ Institutin
More informationHow To Ensure Your Health Care Is Safe
Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t
More informationAustralian Institute of Psychology. Human Research Ethics Committee. Terms of Reference
Australian Institute f Psychlgy Human Research Ethics Cmmittee Terms f Reference What is research? Accrding t the Natinal Statement research... is widely understd t include at least investigatin undertaken
More information17 Construction environmental management plan (CEMP)
17 Cnstructin envirnmental management plan (CEMP) Bur Happld Cntents 17 Cnstructin Envirnmental Management Plan (CEMP) 17-1 17.1 Intrductin 17-1 17.2 Intrductin t EMS 17-1 17.2.1 Plicy 17-2 17.2.2 Planning
More informationClaims Management Policy
Plicy N: RM23 Versin: 5.0 Name f plicy: Claims Management Plicy Effective frm: 24/10/2012 Date ratified 20/07/2012 Ratified Patient Quality Risk and Safety Cmmittee Review date 01/07/2014 Spnsr Directr
More information