INFORMATION GOVERNANCE POLICY
|
|
- Agatha Cox
- 8 years ago
- Views:
Transcription
1 INFORMATION GOVERNANCE POLICY 1
2 Document history, consultation and approval Title SCRA Information Governance Policy Version Version 1 Other relevant approved document SCRA Case Information Policy SCRA Records Management Policy SCRA Information Security Handbook V3.1 Date of issue of policy 2014 (following Board approval) Date of issue of this version August 2014 Review date and by whom July 2015 (To be reviewed at least annually); Information Governance Working Group Prepared by Information & Research Manager Consultation Executive Management Team Approved by To be approved by Board in September
3 Table of Contents Section Page Number 1: Introduction 4 2: Strategic aim 4 3: Scope 4 4: Statutory requirements and accountabilities 5 5: Governance 6 6: SCRA policies and guidance 7 Appendix 1: Information Governance Working Group 8 Contact For further information please contact: Gillian Henderson Information & Research Manager Gillian.henderson@scra.gsi.gov.uk 3
4 INFORMATION GOVERNANCE POLICY 1. Introduction 1.1 SCRA has statutory responsibilities as an organisation to the information it holds. This includes legislation governing use of personal information, principally the Data Protection Act 1998 (DPA), Human Rights Act 1998, Children (Scotland) Act 1995 and Children s Hearings (Scotland) Act 2011). It also includes legislation governing wider information held by organisations, such as Public Records (Scotland) Act 2011 (PRSA), and the Freedom of Information (Scotland) Act 2002 (FOISA). 1.2 SCRA also has accountabilities as a Non Departmental Public Body to Scottish and UK Governments. Cabinet Office guidance in its Security Policy Framework requires that all Government organisations have information governance arrangements in place for all the information assets they own. 1.3 Information on children and families is essential for Reporter decision-making and the delivery of SCRA s service. SCRA as an employer has responsibilities for the information it holds on its staff. Information is also an asset - SCRA s statistical data and research influences and informs development of policy at local and national levels. The handling and security of information must be afforded the highest priority to safeguard those for whom we work and the organisation. Confidence and trust in public authorities can be won or lost by the track record of a public body in managing information, especially highly sensitive, personal information. 2. Strategic aim 2.1 To continually improve SCRA s information governance and security to become a trusted leading public body in the management and governance of information 1. SCRA seeks to achieve this aim and meet its statutory requirements and accountabilities through sound governance, clear roles and responsibilities, and detailed guidance and subject specific policies covering all aspects of work. 3. Scope 3.1 This Policy covers all the information that SCRA holds in all formats, this includes: personal information related to children referred to the Reporter and information on members of staff aggregated statistical and research information financial information corporate information. 1 SCRA s Business Plan
5 4. Statutory requirements and accountabilities Data Protection Act SCRA is a Data Controller in terms of the DPA. SCRA provides an annual notification to Information Commissioner on the purposes to which it processes personal data. In 2011, the Principal Reporter signed an Undertaking with the ICO that SCRA would meet certain requirements to ensure compliance with the DPA. Information on how SCRA processes personal data is provided on SCRA s web site Freedom of information (Scotland) Act SCRA is listed in Schedule 1 of the Freedom of Information (Scotland) Act SCRA s Publication Scheme was approved by the Scottish Information Commissioner and is on SCRA s web site Guidance on making a FOISA request to SCRA is provided on SCRA s web site. Public Records (Scotland) Act SCRA is listed in the Schedule to the PRSA. SCRA will adopt the Model Records Management Plan to be completed by July Children (Scotland) Act 1995 and Children s Hearings Act The main powers of the above legislation relate to investigation of referrals by the Reporter (s56 of the 1995 Act and s66 of the 2011 Act). Notifications which are prescribed in the Children s Hearings (Scotland) Rules and also in s56 of the 1995 Act and s68 of the 2011 Act specify who can be notified of decisions of the Reporter. The Principal Reporter s powers to share information are largely defined by the 1995 Act. New provisions to extend SCRA s powers to share information have been introduced by the 2011 Act and associated secondary legislation; however these are still limited to certain specified circumstances. Accountability to UK Government - HMG Security Policy Framework 4.5 SCRA, via Scottish Government, is accountable to UK Government for the security of its information assets. SCRA provides an annual return to Scottish Government on its compliance with the mandatory standards set by the Security Policy Framework. Accountability to Scottish Government - Scottish Public Finance Manual 4.6 The Scottish Public Finance Manual (SPFM) requires that Accountable Officers of public bodies include a governance statement in their Annual Reports and accounts. Essential features of this governance statement are details of any significant lapses of data security and consideration of issues that may cause data integrity to be put at risk. 5
6 Staff information 4.7 SCRA is committed to ensuring that the personal information it holds on staff is held and managed in accordance with the legislation outlined above as well as complying with the Information Commissioner s Employment Practices Code. The Single Equality Act 2010, including both the general and specific duties, requires SCRA to gather and publish anonymised data on protected characteristics. This data is gathered during recruitment and selection exercises and staff in post are required to update their own data using selfservice e-hr. Statistical information 4.8 SCRA data and statistics are accredited as Official Statistics. This requires that statistical data is honest, objective and impartial; made available equally to all without cost to the end user with publishing dates openly announced far in advance. Research information 4.9 SCRA works to the Social Research Association s Ethical Guidelines on the personal information it uses in research. 5. Governance 5.1 SCRA s Board s Audit Committee is the accountable Committee for information governance. An SCRA Board member has been assigned responsibility for information governance. Information Governance is listed as a risk in SCRA s Operational Risk Register and Strategic Risk Register; these are reviewed on a quarterly basis by the Audit Committee and Executive Management Team (EMT). 5.2 The Information Governance Working Group supports the Audit Committee, Board and EMT in monitoring and improving SCRA s regulatory and statutory compliance for the personal data it holds and processes. The Group is Chaired by a Board Member. The Group s Remit and Terms of Reference are attached at Appendix 1. An Information Governance Plan, which covers all activity in SCRA related to personal information, is overseen by the Group. Information Governance Leads are identified for each Locality and come together as a Group on a quarterly basis to support operational implementation of information governance. 6
7 6. Roles and Responsibilities 6.1 The Director of Support Services is the Senior Information Risk Owner (SIRO). There are Information Asset Owners (IAO) for each of SCRA major information assets and systems. The Information & Research Manager, Data Protection Officer, Information Security & Technical Assurance Officer and Information Assistant have specific responsibilities for information governance. Details of roles and responsibilities are contained in the Information Security Handbook. Staff carrying these roles and responsibilities are appropriately trained or have a programme of training prepared for them. 6.2 Information security and DPA compliance is included in the Job Descriptions of all operational managers (Locality Reporter Managers and Locality Support Managers). 6.3 Every member of SCRA s staff is responsible for the information they have access to and use. This is reinforced through mandatory Data Protection training and SCRA s Staff Code of Conduct. 7. SCRA subject specific policies and guidance 7.1 All SCRA staff must comply with SCRA s policies on information governance. Failure to do so is a breach of SCRA s Staff Code of Conduct. Information Security Handbook - incorporates all of SCRA s Information Security policies and procedures to provide a single reference point for all SCRA Staff and those working for SCRA. Case Information Policy provides the framework for SCRA on how information on children s cases is held, used and destroyed, and aims to ensure compliance with the DPA. There is further guidance under this policy on specific areas including Office Moves, Retention of Case Information After 18 th Birthday, Dealing with Information Requests, etc. Information Sharing Guidance - explains under what circumstances it is lawful to share information on children outwith the Principal Reporter s statutory powers. Practice Instruction Note 36 Non Disclosure of Place of Safety, Place of Residence, or Whereabouts and Operational Guidance Note 8 Non Disclosure Case Handling - provide direction on dealing with Non Disclosure Order cases. Records Management Policy - sets out how all information, which is not covered by the Case Information Policy (e.g. financial, staff and corporate information), is managed. This includes the retention and disposal schedule. Information Security Policies set out security requirements on electronic information. In addition, all staff as users of the Scottish Governments SCOTS network must comply with the SCOTS IT Code of Conduct. 7
8 Appendix 1 to Information Governance Policy INFORMATION GOVERNANCE WORKING GROUP Terms of Reference Approving Body SCRA Board Date Approved June 2011 Reports to: Chair: Members: SCRA Audit Committee Louise Macdonald, Board Member Director of Support Services Head of Practice & Policy Information and Research Manager Data Protection Officer Information Security & Technical Assurance Officer Locality Reporter Manager (x2) Locality Support Manager (x2) Press & Communications Manager Executive Officer 8
9 INFORMATION GOVERNANCE WORKING GROUP Aim and purpose That SCRA is seen as a leading public body in the management and governance of personal information, and is trusted by those we provide a service to. Remit To drive forward the improvement of information governance in SCRA so that: SCRA fully meets its statutory obligations for all personal information that it holds and processes. All SCRA staff understand their statutory and ethical obligations to personal information, and the individuals concerned. All SCRA staff treat others personal information with the same respect they would expect for their own. Terms of Reference Review the Strategic Framework for Information Governance. Promote, improve and monitor information governance arrangements in SCRA. Provide assurance to the SCRA Audit Committee and Board, Scottish Ministers, Scottish Information Commissioner, Information Commissioner and Keeper of the Records of Scotland of SCRA s compliance with relevant legislation. Engage with staff to ensure that they respect and understand their obligations to the personal information they work with and the individuals concerned. Work with partners to improve information governance across the Children s Hearings System. To listen to service users concerns and suggestions regarding personal information, and act to address these. Develop and implement an Information Governance Action Plan for continuous improvement, with clear deliverables. Report on quarterly basis to EMT, Audit Committee and all staff on SCRA s compliance with relevant legislation and progress on Action Plan deliverables. Develop indicators to monitor and assess SCRA s progress in improving its information governance. 9
10
Information governance strategy 2014-16
Information Commissioner s Office Information governance strategy 2014-16 Page 1 of 16 Contents 1.0 Executive summary 2.0 Introduction 3.0 ICO s corporate plan 2014-17 4.0 Regulatory environment 5.0 Scope
More informationGeneral Register Office for Scotland information about Scotland s people. Paper NHSCR GB 1/08. NHSCR Scotland Information Governance Standards
General Register Office for Scotland information about Scotland s people Paper NHSCR GB 1/08 NHSCR Scotland Information Governance s This is a draft on which the Board s comments would be welcome. Contents
More informationCorporate Policy and Strategy Committee
Corporate Policy and Strategy Committee 10am, Tuesday, 30 September 2014 Information Governance Policies Item number Report number Executive/routine Wards All Executive summary Information is a key asset
More informationGeneral Register Office for Scotland information about Scotland s people. Paper NHSCR GB 5/07. NHSCR s quality assurance procedures
General Register Office for Scotland information about Scotland s people Paper NHSCR GB 5/07 NHSCR s quality assurance procedures November 2007 NHSCR SCOTLAND INFORMATION GOVERNANCE STANDARDS Author: Muriel
More informationInformation Governance Strategy. Version No 2.0
Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent
More informationInformation Governance Strategy 2015-2018
Introduction Information Governance Strategy 2015-2018 This strategy sets out the approach to be taken within Children s Hearings Scotland (CHS) to develop a robust Information Governance (IG) framework
More informationInformation Governance Standards in Relation to Third Party Suppliers and Contractors
Information Governance Standards in Relation to Third Party Suppliers and Contractors Document Summary Ensure staff members are aware of the standards that should be in place when considering engaging
More informationWest Dunbartonshire Council. Follow-up data protection audit report
West Dunbartonshire Council Follow-up data protection audit report Auditors: Lee Taylor (Audit Team Manager) Jonathan Kay (Engagement Lead Auditor) Data controller contacts: Michael Butler (Data Protection/Information
More informationInformation Governance Policy
Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route
More informationData Protection Policy
Data Protection Policy April 2014 Author: Jennifer McLaren, Assistant Principal, Curriculum Support & Finance Impact Assessment Date: 15 February 2010 Date: April 2014 Contents 1 Purpose... 2 2 Policy...
More informationInformation Governance Policy
Information Governance Policy Implementation date: 30 September 2014 Control schedule Approved by Corporate Policy and Strategy Committee Approval date 30 September 2014 Senior Responsible Officer Kirsty-Louise
More informationInformation Commissioner s Office. ICO response to the discussion paper on the Rehabilitation of Offenders Act 1974
Information Commissioner s Office ICO response to the discussion paper on the Rehabilitation of Offenders Act 1974 14 November 2013 1 Contents Introduction Response Further issues About the ICO The ICO
More informationOFFICIAL. NCC Records Management and Disposal Policy
NCC Records Management and Disposal Policy Issue No: V1.0 Reference: NCC/IG4 Date of Origin: 12/11/2013 Date of this Issue: 14/01/2014 1 P a g e DOCUMENT TITLE NCC Records Management and Disposal Policy
More informationCardiff Council. Data protection audit report. Executive summary June 2014
Cardiff Council Data protection audit report Executive summary June 2014 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data Protection Act 1998
More informationCouncil, 14 May 2015. Information Governance Report. Introduction
Council, 14 May 2015 Information Governance Report Introduction 1.1 The Information Governance function within the Secretariat Department is responsible for the HCPC s ongoing compliance with the Freedom
More informationInformation Governance Strategy & Policy
Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information
More informationInformation Governance Framework
Information Governance Framework Authorship: Chris Wallace, Information Governance Manager Committee Approved: Integrated Audit and Governance Committee Approved date: 11th March 2014 Review Date: March
More informationWe then give an overall assurance rating (as described below) indicating the extent to which controls are in place and are effective.
Good Practice Audit outcomes analysis Police Forces April 2013 to April 2014 This report is based on the final audit reports the ICO completed in the Criminal Justice sector, specifically of Police forces,
More informationLEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction
LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed
More informationInformation Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.
Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments
More informationInformation Governance Framework
Information Governance Framework March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aim 2 3 Purpose, Values and Principles 2 4 Scope 3 5 Roles and Responsibilities 3 6 Review 5 Appendix 1 - Information
More informationPolicy Checklist. Head of Information Governance
Policy Checklist Name of Policy: Information Governance Policy Purpose of Policy: To provide guidance to all staff on their responsibilities regarding information governance and to ensure that the Trust
More informationData Protection Policy June 2014
Data Protection Policy June 2014 Approving authority: Consultation via: Court Audit and Risk Committee, University Executive, Secretary's Board, Information Governance and Security Group Approval date:
More informationProposed Public Records Legislation Consultation
Proposed Public Records Legislation Consultation Question 1 Do you agree that a public record is one that is created or received by a publicly funded authority, or do you think that the public status of
More informationInformation Governance Strategy. Version No 2.1
Livewell Southwest Information Governance Strategy Version No 2.1 Notice to staff using a paper copy of this guidance. The policies and procedures page of LSW Intranet holds the most recent version of
More informationInformation Governance Policy
Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading
More informationUniversity of Stirling. Records Management Strategy 2007. I. Introduction
University of Stirling Records Management Strategy 2007 I. Introduction 1. The University of Stirling is a diverse organisation which creates, receives and uses recorded information in a wide variety of
More informationDecision 121/2011 Ms Margaret Sutor and Social Care and Social Work Improvement Scotland
Ms Social Care and Social Work Improvement Scotland Failure to respond Reference No: 201100673 Decision Date: 16 June 2011 Kevin Dunion Scottish Information Commissioner Kinburn Castle Doubledykes Road
More informationInformation Governance Policy
Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY
More informationRecords Management Plan. April 2015
Records Management Plan April 2015 Prepared in accordance with the Public Records (Scotland) Act 2011 and submitted to the Keeper of the Records of Scotland for their agreement on 28 April 2015 (Revised
More informationInformation Governance Policy A council-wide information management policy. Version 1.0 June 2013
Information Governance Policy Version 1.0 June 2013 Copyright Notification Copyright London Borough of Islington 2012 This document is distributed under the Creative Commons Attribution 2.5 license. This
More informationNHS Lanarkshire Information Governance Committee
INFORMATION GOVERNANCE COMMITTEE DRAFT TERMS OF REFERENCE Name Purpose NHS Lanarkshire Information Governance Committee To provide direction of and oversee the development of NHS Lanarkshire Information
More information2. Scope 2.1 This policy covers all the activities and processes of the University that uses personal information in whatever format.
University of Westminster Personal Data Protection Policy For Compliance with the Data Protection Act 1998 1. Background 1.1 The Data Protection Act 1998 (DPA) defines personal data as data and information
More informationDATA RETENTION POLICY
DATA RETENTION POLICY Contents 1. Key Principles... 3 2. Introduction to the Policy and Guidelines... 3 3. Policy and Guidelines... 4 4. Scottish Ministers Requirements... 5 5. Access to information...
More informationData Protection Policy
Data Protection Policy Version: 1.0 Date: October 2013 Table of Contents 1 Introduction The need for a Data Protection Policy... 3 2 Scope... 3 3 Principles... 3 4 Staff Roles & Responsibilities... 4 5
More informationInformation Governance Incorporating the Records Management Plan
Information Governance Incorporating the Records Management Plan Information governance, or IG, is the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:
More informationInformation Security Management System (ISMS) Policy
Information Security Management System (ISMS) Policy April 2015 Version 1.0 Version History Version Date Detail Author 0.1 18/02/2015 First draft Andy Turton 0.2 20/02/2015 Updated following feedback from
More informationInformation Governance Strategy
Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationCaedmon College Whitby
Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be
More informationInformation Governance Policy (incorporating IM&T Security)
(incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationDATA PROTECTION POLICY
MILNBANK HOUSING ASSOCIATION DATA PROTECTION POLICY LS/NOV.2011/REF.P14 1) INTRODUCTION Milnbank Housing Association recognises that the Data Protection Act 1998 is an important piece of legislation to
More informationMENTAL HEALTH TRIBUNAL FOR SCOTLAND: RECORDS MANAGEMENT POLICY. Ensuring Information is Accurate and Fit for Purpose
MENTAL HEALTH TRIBUNAL FOR SCOTLAND: RECORDS MANAGEMENT POLICY Index: Introduction Information is a Corporate Resource Personal Responsibility Information Accessibility Keeping Records of what we do Ensuring
More informationNHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT
NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT 9.7 Date of the meeting 15/07/2015 Author Sponsoring Clinician Purpose of Report Recommendation J Green - Head
More informationInformation Governance in NHSScotland: A Competency Framework. 2 nd Edition December 2011
Information Governance in NHSScotland: A Competency Framework 2 nd Edition December 2011 Contents Foreword 1 by Malcolm Wright, NHS Education for Scotland Executive Summary 2 Chapter 1. Why? Information
More informationCommission for Ethical Standards in Public Life in Scotland
Commission for Ethical Standards in Public Life in Scotland REPORT TO PARLIAMENT Laid before the Scottish Parliament by the Public Appointments Commissioner for Scotland in pursuance of Section 2(8) a
More informationClause 1. Definitions and Interpretation
[Standard data protection [agreement/clauses] for the transfer of Personal Data from the University of Edinburgh (as Data Controller) to a Data Processor within the European Economic Area ] In this Agreement:-
More informationWEST LOTHIAN COUNCIL RECORDS MANAGEMENT POLICY. Data Label: Public
WEST LOTHIAN COUNCIL RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY CONTENTS 1. POLICY STATEMENT... 3 2. PRINCIPLES... 3 DEFINITIONS... 4 3. OBJECTIVES... 4 4. SCOPE... 4 5. OWNERSHIP & RESPONSIBILITIES...
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationINFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK
INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic
More informationInformation Governance Strategy :
Item 11 Strategy Strategy : Date Issued: Date To Be Reviewed: VOY xx Annually 1 Policy Title: Strategy Supersedes: All previous Strategies 18/12/13: Initial draft Description of Amendments 19/12/13: Update
More informationHow To Be Accountable To The Health Department
CQC Corporate Governance Framework Introduction This document describes the components of CQC s Corporate Governance Framework: what it is intended to achieve, what the components of the Framework are
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):
More informationINFORMATION GOVERNANCE POLICY
Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):
More informationPEARSON BTEC LEVEL 5 HND DIPLOMA IN BUSINESS MODULE SYNOPSIS
PEARSON BTEC LEVEL 5 HND DIPLOMA IN BUSINESS MODULE SYNOPSIS 1. Business Environment The aim of this unit is to provide learners with an understanding of different organisations, the influence of stakeholders
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval
More informationData Protection Policy
Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review
More informationInformation Governance Plan
Information Governance Plan 2013 2015 1. Overview 1.1 Information is a vital asset, both in terms of the clinical management of individual patients and the efficient organisation of services and resources.
More informationHow To Protect Your Personal Information At A College
Data Protection Policy Policy Details Produced by Assistant Principal Information Systems Date produced Approved by Senior Leadership Team (SLT) Date approved July 2011 Linked Policies and Freedom of Information
More informationCORPORATE RECORDS MANAGEMENT POLICY
1.1 Introduction Derbyshire County Council is dependent on its records to operate efficiently and to account for its actions. This policy defines a structure for Derbyshire County Council to ensure that
More informationArgyll and Bute Council. Information Management Strategy 2014-2018
Argyll and Bute Council Information Management Strategy 2014-2018 Version 1.3 November 2014 $Hcxs4vps.Docx INDEX 1. INTRODUCTION... 3 1.1 Purpose of the Document... 3 2. INFORMATION MANAGEMENT OVERVIEW...
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY DATA PROTECTION POLICY Document Control Information Title Data Protection Policy Version V1.0 Author Diana Watt Date Approved 21 February 2013 Review Date Annually, on the anniversary
More informationHow To Protect School Data From Harm
43: DATA SECURITY POLICY DATE OF POLICY: FEBRUARY 2013 STAFF RESPONSIBLE: HEAD/DEPUTY HEAD STATUS: STATUTORY LEGISLATION: THE DATA PROTECTION ACT 1998 REVIEWED BY GOVERNING BODY: FEBRUARY 2013 EDITED:
More informationD-CRIS Information Governance Assurance
D-CRIS Information Governance Assurance Date: 05 08 2013 Version: 1.0 Author: Murat Soncul Contents 1. Introduction... 3 2. CRIS Security Model... 3 3. SLaM Information Governance Framework... 4 4. Roles
More informationCriminal Injuries Compensation Authority. Data protection audit report
Criminal Injuries Compensation Authority Data protection audit report Executive summary January 2016 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with
More informationNOT PROTECTIVELY MARKED
Information Management Strategy SPSA 0062 Version V3 23 rd June 2011 Review Date June 2012 Owner Senior Information Risk Owner Copyright SCDEA 2010. All rights reserved. NOT PROTECTIVELY MARKED This document
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationINFORMATION GOVERNANCE POLICY
ENFIELD CLINICAL COMMISSIONING GROUP INFORMATION GOVERNANCE POLICY PLEASE DESTROY ALL PREVIOUS VERSIONS OF THIS DOCUMENT Enfield CCG Information Governance Policy Information Governance Policy (Policy
More informationUNIVERSITY OF ABERDEEN RECORDS RETENTION SCHEDULES MAY 2007
UNIVERSITY OF ABERDEEN RECORDS RETENTION SCHEDULES MAY 2007 UNIVERSITY OF ABERDEEN RECORDS RETENTION SCHEDULES Table of Contents Page Page Introduction... 1 Abbreviations used... 2 Retention Schedules:
More informationInformation Governance Policy
Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date
More informationScotland s Commissioner for Children and Young People Records Management Policy
Scotland s Commissioner for Children and Young People Records Management Policy 1 RECORDS MANAGEMENT POLICY OVERVIEW 2 Policy Statement 2 Scope 2 Relevant Legislation and Regulations 2 Policy Objectives
More informationNational Approach to Information Assurance 2014-2017
Document Name File Name National Approach to Information Assurance 2014-2017 National Approach to Information Assurance v1.doc Author David Critchley, Dave Jamieson Authorisation PIAB and IMBA Signed version
More informationDATA PROTECTION AND DATA STORAGE POLICY
DATA PROTECTION AND DATA STORAGE POLICY 1. Purpose and Scope 1.1 This Data Protection and Data Storage Policy (the Policy ) applies to all personal data collected and dealt with by Centre 404, whether
More informationPublic Records (Scotland) Act 2011. Fife NHS Board Assessment Report. The Keeper of the Records of Scotland. 27 September 2013.
Public Records (Scotland) Act 2011 Fife NHS Board Assessment Report The Keeper of the Records of Scotland 27 September 2013 Contents 1. Public Records (Scotland) Act 2011... 3 2. Executive Summary... 3
More informationNHS EDUCATION FOR SCOTLAND MEDICAL DIRECTORATE TRAINING PROGRAMME ASSISTANT. Training Programme Assistant
NHS EDUCATION FOR SCOTLAND MEDICAL DIRECTORATE TRAINING PROGRAMME ASSISTANT 1. JOB DETAILS JOB REFERENCE JOB TITLE DEPARTMENT AND LOCATION IMMEDIATE MANAGER S TITLE Training Programme Assistant Medical
More informationInformation Governance Policy
Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring
More informationNursing Agencies. Minimum Standards
Nursing Agencies Minimum Standards 1 Contents Page Introduction 3 Values underpinning the standards 6 SECTION 1 - MINIMUM STANDARDS Management of the nursing agency 1. Management and control of operations
More informationInformation Governance Management Framework
Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date
More informationBCS Professional Certification. May 2015. Copyright BCS 2013 Page 1 of 5. Subject Access Request Policy
BCS Professional Certification May 2015 Copyright BCS 2013 Page 1 of 5 Version 1.0 May 2013 CONTENTS 1. POLICY... 3 2. SCOPE... 3 3. WHAT INFORMATION AM I ENTITLED TO REQUEST USING A SAR?... 3 4. WHAT
More informationINFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK
INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire
More informationInformation Governance Framework and Strategy. November 2014
November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date
More informationSTART UP LOANS PRIVACY AND DATA PROTECTION TERMS AND CONDITIONS
START UP LOANS PRIVACY AND DATA PROTECTION TERMS AND CONDITIONS Table of Contents 1. ABOUT THIS POLICY... 3 2. WHO WE ARE AND WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA... 3 3. WHERE WE COLLECT YOUR PERSONAL
More informationReport of the Information & Privacy Commissioner/Ontario. Review of the Canadian Institute for Health Information:
Information and Privacy Commissioner of Ontario Report of the Information & Privacy Commissioner/Ontario Review of the Canadian Institute for Health Information: A Prescribed Entity under the Personal
More informationROEHAMPTON UNIVERSITY DATA PROTECTION POLICY
ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:
More informationEducation and Training Committee, 10 March 2011. Professional indemnity insurance. Executive summary and recommendations.
Education and Training Committee, 10 March 2011 Professional indemnity insurance Executive summary and recommendations Introduction This paper appeared as a paper to note at the Council meeting on 10 February
More informationCorporate Information Security Policy
Corporate Information Security Policy. A guide to the Council s approach to safeguarding information resources. September 2015 Contents Page 1. Introduction 1 2. Information Security Framework 2 3. Objectives
More informationHighland Council Information Security Policy
Highland Council Information Security Policy Document Owner: Vicki Nairn, Head of Digital Transformation Page 1 of 16 Contents 1. Document Control... 4 Version History... 4 Document Authors... 4 Distribution...
More informationChapter 7: Consideration for Listing 1. When Disclosure Scotland receives information which has a bearing on an individual s suitability to work with
Chapter 7: Consideration for Listing 1. When Disclosure Scotland receives information which has a bearing on an individual s suitability to work with vulnerable groups, Disclosure Scotland will undertake
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1
Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees
More informationRecords Retention and Disposal Schedule. Information Management
Records Retention and Disposal Schedule Information Management Version control Version Author Policy Approved By Approval Date Publication Date Review Due V 1.0 Information Governance Unit Philip Jones,
More informationHuman Resources Policy No. HR46
Human Resources Policy No. HR46 Maintaining Personal Files and ESR Records Additionally refer to HR04 Verification of Professional Registration HR33 Recruitment and Selection HR34 Policy for Carrying Out
More informationBusiness Plan 2016-2017
Business Plan 2016-2017 March 2016 Contents Introduction... 3 About us... 5 Role of Registrar... 5 Objectives for 2016-17... 5 Work programme for 2016/17... 6 Activity 1 Continue to operate an accessible,
More informationInformation Governance Policy
Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath
More informationChildren s Hearings (Scotland) Act 2011 2011 asp 1
Children s Hearings (Scotland) Act 2011 (asp 1) Section Children s Hearings (Scotland) Act 2011 2011 asp 1 CONTENTS PART 1 THE NATIONAL CONVENER AND CHILDREN S HEARINGS SCOTLAND The National Convener and
More informationHMG Security Policy Framework
HMG Security Policy Framework Security Policy Framework 3 Foreword Sir Jeremy Heywood, Cabinet Secretary Chair of the Official Committee on Security (SO) As Cabinet Secretary, I have a good overview of
More informationManagement Statement and Financial Memorandum Agreed Between the Scottish Government Health Directorate and the Mental Welfare Commission for
Management Statement and Financial Memorandum Agreed Between the Scottish Government Health Directorate and the Mental Welfare Commission for Scotland April 2011 F3073417 final version 31/3/2011 MANAGEMENT
More informationCIVIL SERVICE COMMISSION STRATEGIC FRAMEWORK 2012-2016
CIVIL SERVICE COMMISSION STRATEGIC FRAMEWORK 2012-2016 THE CIVIL SERVICE COMMISSION We are established by statute to provide assurance that civil servants are selected on merit on the basis of fair and
More informationBarnsley Clinical Commissioning Group. Information Governance Policy and Management Framework
Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of
More informationNATIONAL RECORDS OF SCOTLAND preserving the past; recording the present; informing the future. 2011 Census
NATIONAL RECORDS OF SCOTLAND preserving the past; recording the present; informing the future 2011 Census Information Assurance Policy Statement By the UK Census Offices June 2011 NATIONAL RECORDS OF SCOTLAND
More information