SUBJECT ACCESS REQUEST PROCEDURE

Save this PDF as:

Size: px
Start display at page:

Download "SUBJECT ACCESS REQUEST PROCEDURE"

Transcription

1 SUBJECT ACCESS REQUEST PROCEDURE Document History Document Reference: Document Purpose: IG31 This procedure sets out the responsibility for staff when receiving requests for information provided under Section 7 of the Data Protection Act whereby individuals can request access to their data. Date Approved: 28 th March 2014 Approving Committee: Information Governance Management and Technology Committee Version Number: V1.0 Status: Approved Next Revision Due: January 2015 Developed by: Policy Sponsor: Target Audience: Associated Documents: Information Governance, Greater East Midlands Commissioning Support Unit (GEM CSU) Information Governance Management and Technology Committee This Policy applies to any person directly employed, contracted or volunteering to the CCG All Information Governance Policies and the Information Governance Toolkit Author: GEM CSU IG 1 Approved January 2014

2 Revision History Version Revision date Comments Draft August 2013 Developed in line with NHS England guidance, Caldicott Review and the Information Governance Toolkit version 11 Approved January 2014 Information Governance Management and Technology committee pending minor amendments to text and formatting. Policy Dissemination information Reference Number IG31 Title Subject Access Request Procedure Available from CCG Intranet Contents 1. Introduction Purpose & Scope Policy Statement Principles Who can make a request Roles & Responsibilities Subject Access Requests the rights of individuals Consent Issues Shared Records Deceased Patient Records Exemptions to the Release of Information Subject Access Request Process Incidents Equality Impact Assessment Due Regard Policy Review APPENDIX A - REFERENCES AND BIBLIOGRAPHY Author: GEM CSU IG 2 Approved January 2014

3 1. Introduction This procedure applies to Nottinghamshire County Clinical Commissioning Groups (CCGs) subsequently referred to in this document as the CCGs. They include: NHS Mansfield and Ashfield CCG NHS Newark and Sherwood CCG NHS Nottingham North and East CCG NHS Nottingham West CCG NHS Rushcliffe CCG Legislation provides that an individual has the right to request access to their personal information that is held by an organisation. The information can be health records, employment records, or records which hold information relating to them as the data subject. An organisation must ensure that it has a procedure in place to respond to Subject Access Requests under the Data Protection Act Purpose & Scope The Act gives data subjects the right, subject to certain exceptions, to request access and obtain copies of personal data about themselves that is held in either computerised or manual formats and any type of personal information that is recorded including photographs, x-rays, audio messages and CCTV images. Data subjects have access rights to their personal information irrespective of when the record was created. To exercise this right, an individual must make a written request for information. This is known as a subject access request. This procedure applies to all requests for access to personal data held by the CCG. This procedure applies to all staff employed by or working on behalf of the CCG including contracted, non-contracted, temporary, honorary, secondments, bank, agency, students, volunteers or locums. 3. Procedure Statement This procedure will provide a framework for the CCG to ensure compliance with the Data Protection Act This procedure matches the requirements identified by the Information Commissioner Subject Access Request Code of Practice August 2013 ( Author: GEM CSU IG 3 Approved January 2014

4 4. Principles Individuals have the right to request copies of their information that the CCG may hold and to also request certain information relating to the processing of their information including: A description of the information The purposes the information is used for The disclosures that are made or might be made The source of the data The CCG is required to respond to Subject Access requests promptly within 40 calendar days of receipt of the request. Failure to do so is a breach of the Act and could lead to a complaint to the Information Commissioner (ICO). If it is anticipated that a request will take longer than the 40-day period, the organisation must inform the applicant giving an explanation of the delay and agree a new deadline. Failure to comply with a request for subject access, without valid justification is treated as a serious matter and may be referred to the ICO. Such complaints are dealt with as a matter of priority and may lead to a full-scale investigation into an organisation s procedures and practices. 5. Who can make a request Subject access requests can be made by: The individual themselves Individuals requesting access on behalf of a child for whom they have parental responsibility A representative nominated by the individual to act their behalf such as solicitors or a relative, where there is valid consent by the individual granting this authority In certain situations a person granted an attorney or agent by the Court of Protection on behalf of an adult who is incapable of consent A request does not have to specifically state whether it is under the provisions of the Data Protection Act or Freedom of Information Act and individuals may sometimes confuse the two. It is the CCG s responsibility to ensure that any request is dealt with under the correct legislation 5.1 Individuals living abroad Patients or individuals who used to live in the UK who have records held by the CCG will still have the right to make a subject access request. The same procedure would apply as for an individual living in the UK. Author: GEM CSU IG 4 Approved January 2014

5 5.2 Access to Health Records A health record is defined as: consisting of information relating to the physical or mental health or condition of an individual and has been made by or on behalf of a health professional in connection with the care of that individual. 6 Roles & Responsibilities 6.1 Chief Officer The Chief Officer is the accountable officer and Data Controller for the CCG. The Chief Officer is responsible for ensuring compliance with the Data Protection Act GEM CSU IG Lead Greater East Midlands Commissioning Support Unit (GEM CSU) provide Information Governance expertise and support to all Nottinghamshire CCGs under a Service Level Agreement and will process requests received by individual CCGs. Requests received by CCG staff will be forwarded to the Information Governance Lead at GEM CSU for review and response. All request details will be entered into a log and this will be maintained to monitor compliance to ensure all requests are answered in a timely manner. The GEM CSU Lead is responsible for: Reviewing the request to determine whether it is a subject access request (or Freedom of Information request) and liaising with CCG staff where advice is required. Prior to the release of any information, the GEM CSU lead must be satisfied as to the identity of the person making the request. The CCG will not release any information until this identification has taken place. Providing advice to responsible staff in the CCG on the withholding of certain information requested under the Data Protection Act. Liaising with other organisations if relevant to process the access request in the event of shared records/data. The CCG remains responsible for their organisations compliance under the Data Protection Act and the GEM IG Lead will ensure adequate sign off from a responsible staff member or designated professional prior to release of any information under a subject access request. 6.3 All Staff All managers and staff will comply with any request for personal data forwarded by the GEM CSU Lead as quickly as possible, and will respond as soon as possible but before a deadline communicated by the IG Lead. Author: GEM CSU IG 5 Approved January 2014

6 7 Subject Access Requests the rights of individuals The Data Protection Act 1998 ensures the transparency of data processing by obliging organisations to explain to individuals how their data is used (Principle 1) and by providing the right of subject access under Section 7. Section 7 of the Act provides that individuals who request access to their data should: Be informed whether or not they are the subject of any data being processed by a data controller organisation; and Be provided with an understandable copy of the information held about them on request It should also be provided in a permanent form i.e. paper or electronic format that may be retained by the individual unless the provision of the information in a permanent form would involve disproportionate effort. Individuals also have the right to: A description of the personal data of which they are the data subject A description of the purposes for which the data are being processed or are to be processed this could be based on the information supplied to the Information Commissioners office during notification or on some information specific to the applicant; Any information available to an organisation on the source of the applicant s data; and Where the applicant specifically requests it, the logic involved in any fully automated decision-taking that has or may have a significant effect on the individual concerned, such as a decision in relation to risk stratification (except where the logic would constitute a trade secret or be regarded as commercially in confidence). 8 Consent Consent is not defined in the Data Protection Act. However, the European Data Protection Directive (to which the Act gives effect) defines an individual s consent as: any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed. Consent must be appropriate to the age and capacity of the individual and to the particular circumstances of the case. The Data Protection Act distinguishes between: the nature of the consent required to satisfy the first condition for processing; and the nature of the consent required to satisfy the condition for processing sensitive personal data, which must be explicit. In most cases the consent to access personal information will be provided by the individual who is requesting the information, however, there may be cases where the individual is unable to consent or the data subject is a child. Author: GEM CSU IG 6 Approved January 2014

7 When an applicant is not able to produce written consent from the data subject to access the information or is not able to evidence that he/she is entitled to access the information, the GEM CSU Lead will request further information from the applicant on the reason for the request to decide whether it would be justifiable to release the information to the applicant in any event. The GEM CSU IG Lead will liaise with the CCG staff holding the information to determine whether it is appropriate to release the information under these circumstances. In the event that the applicant is a solicitor the subject s written authority for release must be obtained. Where a person is unable to manage his/her own affairs then the application will only be accepted if evidence is presented that the representative is a person appointed by the Courts e.g. under the Court of Protection (or acting within the terms of a registered Lasting Power of Attorney - Health). Any individual over the age of 12 who is considered to be Fraser competent may exercise their right of access to his/her records under the Act. This is also in line with guidance issued by the Information Commissioner. However, care must be taken to verify that the young person has either initiated such a request or consented to such a request being made or that the young person s lack of understanding requires a parent or guardian to act on their behalf. Another important aspect may well be the nature of the personal information that will be supplied. This will be of particular significance where the information may contain reference to the parent or guardian within the young person s records: for example, where allegations of abuse have been made against the parent or guardian in a social work file. Requests from minors need to be handled carefully; consideration needs to be given to balancing the harm that might arise against the possible benefits of supplying the information and will involve the CCG s Designated Professionals in all such requests. 9 Shared Records There are situations where a subject access request involves a record that is shared between organisations. The modernisation and integration of health and social care will place a greater emphasis on shared records, both health and non-health records. The following principles will be followed where this is the case: Obligations under the Act are, in general placed on the holder of the record. If records are shared between two health or NHS bodies, they will be joint data controllers. Responsibility for ownership of the record rests with the Secretary of State for Health although essentially, where both organisations are joint data controllers for the shared record, both are controlling how they are used In order to deal with Subject Access requests effectively, the organisation receiving the Subject Access request will take responsibility for processing the request and for obtaining consent or refusal for the release of parts of the record relating to the other organisation The CCG takes responsibility for the access request and joint liability for their release where each organisation has authorised its release. Author: GEM CSU IG 7 Approved January 2014

8 If the CCG does not agree with the decision made by the other organisation to withhold data from release and subsequently releases that element of the record, it will accept full liability. The GEM CSU Lead must document the reasons for withholding certain information lawfully in the request log. The applicant may challenge the decision not to release information If there is a refusal to disclose the record from the partner organisation, the organisation dealing with the access request should, in their response to the applicant explain the reason for the refusal and refer them to the other partner organisation directly if they wish to contest the refusal. 9.1 Other Records In addition to health records, all other records held by the CCG containing individual s information are liable to subject access requests by those individuals or their representatives. This includes personnel, finance, complaints and administration records. Any third party content of the record must be referred to the originating organisation for consent to release. Where the CCG is the originator of the third party information the GEM CSU IG Lead will liaise with the designated professional in the CCG to determine whether the information should be redacted. 10 Deceased Patient Records The rights to access under the Data Protection Act 1998 extend only to living individuals. Requests for deceased patients records are made under the Access to Health Records Act Requests can only be made by: The patient s personal representative (usually the executor of the will or administrator of the estate) or Any person who may have a claim arising out of the patient s death- release of any information will only be the minimum necessary to process their claim. Only relevant information relating to any claim made should be released The same rules apply to third party information as with other health records. The CCG should afford the same level of confidentiality to deceased patient s records as for living ones. 11 Exemptions to the Release of Information The Data Protection Act 1998 makes provision for withholding information in certain circumstances which must be considered when a request is received. The GEMCSU IG Team will liaise with a designated professional holding the record to determine whether an exemption should be applied and document all decisions where this is the case. The reasons for withholding the information will be provided to the requester. Author: GEM CSU IG 8 Approved January 2014

9 12 Subject Access Request Process 12.1 Receiving an access request under the DPA Applications for access to personal data must be made in writing to the GEM CSU IG Lead and sent to: Information Governance Birch House Ransom Wood Business Park Southwell Road West Mansfield Notts NG21 0HJ or by to Applications must be signed and dated by the applicant (but the application process will be supported by GEMCSU who will undertake all relevant checks). Where an application is made on behalf of an individual, adequate authorisation documentation must accompany the written application. The application must clearly identify the person in question, and the records required, including the following details: Full name including previous names Address including previous address(es) NHS number (if available) Date of birth Dates of health/personnel records required 12.2 Provision of Information in response to a request Where requested the CCG will allow data subjects to view their data. The CCG (through the GEM CSU Lead) will provide a data subject with a copy of their information in an intelligible form i.e. the use of jargon, abbreviations or codes contained within the information must be explained. If the information is terminologically difficult or of a technical nature, the designated professional must offer to go through the information with the data subject to explain the meanings. The CCG must take into account the provisions of the Equality Act 2010 and offer information in large print or Braille format for data subjects with visual difficulties. Arrangements will be agreed with the data subject and relevant CCG Managers to facilitate this within the timescales allowed by the Act. Where an access request has previously been complied with under the Act, the CCG does not have to respond to a subsequent identical or similar request unless a reasonable interval has elapsed since the previous compliance (The Information Commissioner s office has Author: GEM CSU IG 9 Approved January 2014

10 defined a reasonable interval to be 12 months). Where the CCG does not hold the personal information requested, it will inform the applicant as quickly as possible Response Times for Disclosure Responses to request for access must be made within 40 days of the date of receipt of the request and/or the fee payable. Failure to do so is a breach of the Act and could lead to a complaint to the Information Commissioner. Failure to comply with a request for subject access, without valid justification is treated as a serious matter and is investigated by the Information Commissioner. Such complaints are dealt with as a matter of priority and may often lead to a full scale investigation into an organisation s procedures and practices. In exceptional circumstances, if it is not possible to comply with this period, the applicant should be informed. Where the CCG has decided to charge a fee for a subject access request, it will inform the applicant that a fee is payable and the amount requested. The CCG is not required to provide the information requested until such time as the fee has been paid. This process is known as stopping the clock and can only be applied where it has been decided to impose a charge e.g. if the charge is requested at day 20 of the process the clock is stopped at that point. Once the charge has been received the clock is restarted at day 20 and the CCG then has 20 days to provide the information that has been requested Charges The following charges apply: Viewing paper or Computer records Copying of only computer records Copying of paper records or a mix of computer and paper records 10 (Maximum charge) 10 (Maximum charge) 10 minimum charge up to a maximum of Data identifying a Third Party Where personal data relating to the applicant also identifies another individual, the applicant s right of access must be weighed against the other data subject s right to privacy. The GEM CSU Lead should attempt, where practicable, to seek the consent of the third party to the release of their data. Where consent is obtained then the information can be released Serious harm or adverse effect on health On inspection of the records the responsible person or CCG designated professional can advise that certain personal information is not released on the grounds that its release would be likely to cause serious harm to the physical or mental health of the person or to others. Author: GEM CSU IG 10 Approved January 2014

11 There is no definite requirement to inform the requestor or their representative that this information has not been released Other Agencies Records Letters or reports from another agency or person may be contained in records held by the CCG. Where this is the case the designated professional reviewing the records should consider the need to approach those agencies or persons to secure agreement for release of those records. If health information has been obtained from another NHS organisation and used for direct care purposes there is no obligation to contact the other organisation for permission to release (but there may be circumstances where this may need to be considered) Requests from public bodies and law enforcement agencies Section 29 of the Data Protection Act outlines the circumstances in which some public bodies have statutory powers that enable them to request access to personal information. The CCG as a data controller will be extremely careful when releasing personal data to such parties and will, following receipt of a request, check that the organisation requesting the disclosure is acting within its powers by asking the applicant to quote the authority on which its power is based. The CCG will only accept the request if it is made in writing and it is able to verify the source of the request and any necessary test of prejudice carried out prior to releasing any personal data through its legal channels if necessary. Law enforcement agencies can request personal information on behalf of and where written consent has been obtained from the individual. If members of staff come across any such requests, they must inform the GEM CSU Information Governance Lead immediately. 13. Incidents Any incident involving a potential breach of the Data Protection Act 1998 or the Access to Health Records Act 1990 should be reported as an incident using the appropriate CCG reporting system. The Caldicott Guardian and relevant line manager should also be informed of this and a decision will be taken whether it is necessary to report this as a Serious Incident under the Serious Incident Reporting and Management Policy and/or to the Information Commissioner. 14. Equality Impact Assessment The CCG aims to design and implement policy documents that meet the diverse needs of our services, population and workforce, ensuring that none are placed at a disadvantage over others. It takes into account current UK legislative requirements, including the Equality Act 2010 and the Human Rights Act 1998, and promotes equal opportunities for all. This document has been designed to ensure that no-one receives less favourable treatment due to their personal circumstances, i.e. the protected characteristics of their age, disability, sex (gender), gender reassignment, sexual orientation, marriage and civil partnership, race, religion or belief, pregnancy and maternity. Appropriate consideration has also been given to gender identity, socio-economic status, immigration status and the principles of the Human Rights Act. Author: GEM CSU IG 11 Approved January 2014

12 In carrying out its functions, the CCG must have due regard to the Public Sector Equality Duty (PSED). This applies to all the activities for which the organisation is responsible, including policy development, review and implementation Due Regard This policy has been reviewed in relation to having due regard to the Public Sector Equality Duty (PSED) of the Equality Act 2010 to eliminate discrimination, harassment, victimisation; to advance equality of opportunity; and foster good relations. 16 Policy Review This policy will be reviewed annually or where significant legal changes have occurred. Author: GEM CSU IG 12 Approved January 2014

13 APPENDIX A - REFERENCES AND BIBLIOGRAPHY Data Protection Act 1998 available from Access to Health Records Act 1990 available from Human Rights Act 1998 available from Freedom of Information available from Record Management available from Common Law of Confidentiality NHS Confidentiality- code of Practice available from PolicyAndGuidance/DH_ NHS For the Record available from dsmanagement/index.htm The Abortion Regulations Act 1991 available from The Computer Misuse Act 1990 available from The Census (Confidentiality) Act The Civil Evidence Act The Electronic Communications Act The Public Interest Disclosure Act Crime and Disorder Act NHS For the Record available from dsmanagement/index.htm NHS Retention of Records available from PolicyAndGuidance/DH_ Mental Capacity Act The National Health Service Act 2006 available from Author: GEM CSU IG 13 Approved January 2014

Subject Access Request (SAR) Procedure

Subject Access Request (SAR) Procedure Subject Access Request (SAR) Procedure East and North Hertfordshire Clinical Commissioning Group Page 1 of 16 DOCUMENT CONTROL SHEET Document Owner: Chief Finance Officer Document Author(s): Anne Ephgrave

More information

Data Subject Access Request Procedure

Data Subject Access Request Procedure Data Subject Access Request Procedure Policy ID IG07 Version: 2.0 Ratified by: Executive Committee Name of originator/author: Justin Dix, Governing Body Secretary Name of responsible committee/individual:

More information

Bring Your Own Device (BYOD) Policy

Bring Your Own Device (BYOD) Policy Bring Your Own Device (BYOD) Policy Document History Document Reference: Document Purpose: Date Approved: Approving Committee: To set out the technical capabilities of the chosen security solution Airwatch

More information

Subject Access Request Policy Number ID ID # 2011 075 Author: Nicola Bateman Author Job Title: Information Governance Manager Division: Corporate Department: Clinical Informatics Version Number: 2.1 Ratifying

More information

ENC Li Subject Access Request Procedure

ENC Li Subject Access Request Procedure Subject Access Request Procedure Version: 1.0 Page 1 of 23 Document control Document Information Document Name: Location: Consultation: Initial approval: Supersedes: Description: Audience: Contact details

More information

Complaints Policy. Complaints Policy. Page 1

Complaints Policy. Complaints Policy. Page 1 Complaints Policy Page 1 Complaints Policy Policy ref no: CCG 006/14 Author (inc job Kat Tucker Complaints & FOI Manager title) Date Approved 25 November 2014 Approved by CCG Governing Body Date of next

More information

Subject Access Request Policy

Subject Access Request Policy Subject Access Request Policy Version Version 4.0 Ratified By Date Ratified 24th February 2015 Author(s) Responsible Committee / Officers Date Issue February 2015 Quality, Performance and Finance Committee

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy

More information

Information Sharing Policy

Information Sharing Policy Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed

More information

Subject Access Requests Policy

Subject Access Requests Policy Subject Access Requests Policy This Policy provides guidance on the processes that are to be followed when dealing with requests for access to personal information under section 7 of the Data Protection

More information

Information Governance Policy

Information Governance Policy Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring

More information

Subject Access Request Policy

Subject Access Request Policy Trust Policy Subject Access Request Policy Department / Service: Corporate Originator: Company Secretary Accountable Director: Director of Nursing Approved by: Information Governance Steering Group Trust

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Issued by: Senior Information Risk Owner Policy Classification: Policy No: POLIG001 Information Governance Issue No: 1 Date Issued: 18/11/2013 Page No: 1 of 16 Review Date:

More information

HOW YOU CAN OBTAIN ACCESS TO YOUR PERSONAL RECORDS Notes to accompany Application Form

HOW YOU CAN OBTAIN ACCESS TO YOUR PERSONAL RECORDS Notes to accompany Application Form HOW YOU CAN OBTAIN ACCESS TO YOUR PERSONAL RECORDS Notes to accompany Application Form Your right to request access to your personal records: The gives living individuals the right to request access to

More information

Subject Access Request, Procedure, Guidance and Information

Subject Access Request, Procedure, Guidance and Information Subject Access Request, Procedure, Guidance and Information Updated: July 2015 Page 1 of 61 CONTENTS 1. Introduction 5 2. Legal Context 5 3. Subject Access Request to Personal Records Guidance 6 Guidance

More information

Access to Health Records

Access to Health Records Access to Health Records Crown Heights Medical Centre Procedure Access to Health Records ACCESS TO MEDICAL RECORDS (DATA PROTECTION) POLICY INTRODUCTION The Access to Health Records Act 1990 gave individuals

More information

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic

More information

NHS Hardwick Clinical Commissioning Group. Business Continuity Policy

NHS Hardwick Clinical Commissioning Group. Business Continuity Policy NHS Hardwick Clinical Commissioning Group Business Continuity Policy Version Date: 26 January 2016 Version Number: 2.0 Status: Approved Next Revision Due: January 2017 Gordon Stevens MBCI Corporate Assurance

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September

More information

DATA PROTECTION ACT 1998 COUNCIL POLICY

DATA PROTECTION ACT 1998 COUNCIL POLICY DATA PROTECTION ACT 1998 COUNCIL POLICY Page 1 of 5 POLICY STATEMENT Blackpool Council recognises the need to fully comply with the requirements of the Data Protection Act 1998 (DPA) and the obligations

More information

Information Governance Policy

Information Governance Policy Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version

More information

Human Resources and Data Protection

Human Resources and Data Protection Human Resources and Data Protection Contents 1. Policy Statement... 1 2. Scope... 2 3. What is personal data?... 2 4. Processing data... 3 5. The eight principles of the Data Protection Act... 4 6. Council

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

CONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE

CONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE This document is uncontrolled once printed. Please check on the CCG s Intranet site for the most up to date version CONTRACTS REVIEW FOR INFORMATION GOVERNANCE COMPLIANCE PROCEDURE Document Title: Contracts

More information

SUBJECT ACCESS REQUEST PROCEDURE

SUBJECT ACCESS REQUEST PROCEDURE This document is uncontrolled once printed. Please check on the CCG s Intranet site for the most up to date version SUBJECT ACCESS REQUEST PROCEDURE DOCUMENT CONTROL Type of Document Document Title Description:

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version

More information

INFORMATION GOVERNANCE STRATEGY

INFORMATION GOVERNANCE STRATEGY INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying

More information

Child and Adult Services Subject Access Requests Guidance

Child and Adult Services Subject Access Requests Guidance Child and Adult Services Subject Access Requests Guidance This Guidance is not applicable to Access to Information requests about Adoption. For requests about Adoption please consult the Adoption and Children

More information

Glyncoed Primary School. Data Protection Policy

Glyncoed Primary School. Data Protection Policy Glyncoed Primary School Data Protection Policy Date agreed: March 2015 Review date: March 2017 1 Data Protection Policy Glyncoed Primary School collects and uses personal information about staff, pupils,

More information

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of

More information

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid. Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Version: V1 Ratified by: Operational Management Executive Committee Date ratified: 26 September 2013 Name and Title of originator/author(s): Chris Brady, FOI, Data Protection and

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection

More information

Human Resources People and Organisational Development. Disciplinary Procedure for Senior Staff

Human Resources People and Organisational Development. Disciplinary Procedure for Senior Staff Human Resources People and Organisational Development Disciplinary Procedure for Senior Staff AUGUST 2015 1. Introduction 1.1 This procedure applies to Senior Staff. Senior Staff includes: 1.1.1 the Vice-Chancellor

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Title Author Approved By and Date Review Date Mike Pilling Latest Update- Corporation May 2008 1 Aug 2013 DATA PROTECTION ACT 1998 POLICY FOR ALL STAFF AND STUDENTS 1.0 Introduction 1.1 The Data Protection

More information

Equality and Diversity Policy. Deputy Director of HR Version Number: V.2.00 Date: 27/01/11

Equality and Diversity Policy. Deputy Director of HR Version Number: V.2.00 Date: 27/01/11 Equality and Diversity Policy Author: Deputy Director of HR Version Number: V.2.00 Date: 27/01/11 Approval and Authorisation Completion of the following signature blocks signifies the review and approval

More information

Staple Hill Primary School. Data Protection Policy

Staple Hill Primary School. Data Protection Policy Staple Hill Primary School Data Protection Policy Staple Hill Primary School collects and uses personal information about staff, pupils, parents and other individuals who come into contact with the school.

More information

Claims Management Policy

Claims Management Policy Claims Management Policy April 2015 Author: Responsibility: Janet Young, Governance & Risk Manager All Staff should adhere to this policy Effective Date: April 2015 Review Date: April 2017 Reviewing/Endorsing

More information

Version 1. Chair of Governors Signature.. Review Date: Spring term 2017

Version 1. Chair of Governors Signature.. Review Date: Spring term 2017 Version 1 Chair of Governors Signature.. Date of Adoption/Ratification: 4 th February 2015 Review Date: Spring term 2017 Purpose Cliff Park School s Trust collects and uses personal information about staff,

More information

CCG: IG06: Records Management Policy and Strategy

CCG: IG06: Records Management Policy and Strategy Corporate CCG: IG06: Records Management Policy and Strategy Version Number Date Issued Review Date V3 08/01/2016 01/01/2018 Prepared By: Consultation Process: Senior Governance Manager, NECS CCG Head of

More information

SOCIAL MEDIA POLICY. Senior Governance Officer, NHS North of England Commissioning Support Unit Reference No

SOCIAL MEDIA POLICY. Senior Governance Officer, NHS North of England Commissioning Support Unit Reference No SOCIAL MEDIA POLICY Ratified Governance & Risk Committee 08/2015 Status Final Issued August 2015 Approved By Governance and Risk Committee Consultation Governance and Risk Committee Equality Impact Assessment

More information

Exit Questionnaire and Exit Interview Procedure

Exit Questionnaire and Exit Interview Procedure Exit Questionnaire and Exit Interview Procedure Procedure Reference Number: 2009.51 Approved: Name Date Author: Susan Poole 12/02/13 HR Advisor, Policy and Development Produced: 12/02/13 Review due: 3

More information

Data Protection Policy

Data Protection Policy Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and

More information

MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY

MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY Page 1 of 16 Contents Policy Information 3 Introduction 4 Responsibilities 7 Confidentiality 9 Data recording and storage 11 Subject Access 12 Transparency

More information

Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015

Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015 Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015 1. Introduction and Scope 1.1 The Data Protection Act 1998 is the law that protects personal privacy and applies to any school

More information

Code of practice for employers Avoiding unlawful discrimination while preventing illegal working

Code of practice for employers Avoiding unlawful discrimination while preventing illegal working Code of practice for employers Avoiding unlawful discrimination while preventing illegal working [xx] April 2014 Presented to Parliament pursuant to section 23(1) of the Immigration, Asylum and Nationality

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Owner : Head of Information Management Document ID : ICT-PL-0099 Version : 2.0 Date : May 2015 We will on request produce this Policy, or particular parts of it, in other languages

More information

Berkshire West Clinical Commissioning Groups

Berkshire West Clinical Commissioning Groups Berkshire West Clinical Commissioning Groups Corporate Policy 1 (CP1) CCG Policy for the Handling of Complaints Version: 1 Ratified by: Date ratified: April 2013 Name of originator/author: Name of responsible

More information

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety

More information

ACCESS TO PATIENT HEALTHCARE RECORDS UNDER THE DATA PROTECTION ACT 1998 & THE ACCESS TO HEALTH RECORDS ACT 1990

ACCESS TO PATIENT HEALTHCARE RECORDS UNDER THE DATA PROTECTION ACT 1998 & THE ACCESS TO HEALTH RECORDS ACT 1990 ACCESS TO PATIENT HEALTHCARE RECORDS UNDER THE DATA PROTECTION ACT 1998 & THE ACCESS TO HEALTH RECORDS ACT 1990 Relevant to: All staff who receive requests for access to healthcare records. Purpose of

More information

JOB DESCRIPTION. Information Governance Manager

JOB DESCRIPTION. Information Governance Manager JOB DESCRIPTION POST TITLE: Information Governance Manager DIRECTORATE: ACCOUNTABLE TO: BAND: LOCATION: CSS Head of Information Governance 8a CSS Job Purpose The Information Governance Manager will ensure

More information

WEST MIDLANDS POLICE Force Policy Document

WEST MIDLANDS POLICE Force Policy Document WEST MIDLANDS POLICE Force Policy Document POLICY TITLE: POLICY REFERENCE NO: POLICE STAFF DISCIPLINARY PROCEDURE HR/06 Executive Summary The Force expects certain standards of conduct to be maintained

More information

Annual Leave Policy. Document Owner East and North Herts Clinical Commissioning Group. 2 supercedes all previous Annual Leave Policies

Annual Leave Policy. Document Owner East and North Herts Clinical Commissioning Group. 2 supercedes all previous Annual Leave Policies Annual Leave Policy Document Owner Document Author East and North Herts Clinical Commissioning Group Anne Ephgrave Version Directorate Authorised By 2 supercedes all previous Annual Leave Policies Human

More information

The guidance will be developed over time in the light of practical experience.

The guidance will be developed over time in the light of practical experience. Freedom of Information Act Awareness Guidance No. 14 International Relations The Information Commissioner s Office (ICO) has produced this guidance as part of a series of good practice guidance designed

More information

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy Reference No: CG 01 Version: Version 1 Approval date 18 December 2013 Date ratified: 18 December 2013 Name of Author

More information

CCG Social Media Policy

CCG Social Media Policy Corporate CCG Social Media Policy Version Number Date Issued Review Date 2 25/03/2015 25/03/2017 Prepared By: Consultation Process: Formally Approved: Governance Manager, North of England Commissioning

More information

Information Governance Strategy 2015/16

Information Governance Strategy 2015/16 Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal

More information

Information Management Policy CCG Policy Reference: IG 2 v4.1

Information Management Policy CCG Policy Reference: IG 2 v4.1 Information Management Policy CCG Policy Reference: IG 2 v4.1 Document Title: Policy Information Management Document Status: Final Page 1 of 15 Issue date: Nov-2015 Review date: Nov-2016 Document control

More information

Guidance for Access to Health Records Requests

Guidance for Access to Health Records Requests Guidance for Access to Health Records Requests February 2010 1 DH INFORMATION READER BOX Policy HR / Workforce Management Planning / Clinical Document Purpose Gateway Reference Title Estates Commissioning

More information

SUBJECT ACCESS REQUEST

SUBJECT ACCESS REQUEST DATA PROTECTION ACT 1998 SUBJECT ACCESS REQUEST Procedure Manual 1 Invest NI Subject Access Request Procedure Manual 1. Introduction 1.1 What is a Subject Access Request? 1.2 Routine Requests 1.3 What

More information

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Policy Details Produced by Assistant Principal Information Systems Date produced Approved by Senior Leadership Team (SLT) Date approved July 2011 Linked Policies and Freedom of Information

More information

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South

More information

SCOTLAND S COMMISSIONER FOR CHILDREN AND YOUNG PEOPLE STANDARD CONDITIONS OF CONTRACT FOR SERVICES

SCOTLAND S COMMISSIONER FOR CHILDREN AND YOUNG PEOPLE STANDARD CONDITIONS OF CONTRACT FOR SERVICES SCOTLAND S COMMISSIONER FOR CHILDREN AND YOUNG PEOPLE STANDARD CONDITIONS OF CONTRACT FOR SERVICES 1 1 Definitions In these conditions:- We means Scotland s Commissioner for Children and Young People,

More information

Information Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016

Information Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016 Information Assurance Policies and Guidance Information Governance Policy Document Version: v0.5 Review Date: 1 May 2016 Owner: Information Governance Manager 1 P a g e Document History Revision Version

More information

Data Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website

Data Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website Data Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website Date created: November 2015 Date for review: July 2016 Created by: Mark Vanstone,

More information

Hardwick Clinical Commissioning Group AGREEMENT FOR THE JOINT HANDLING OF HEALTH AND SOCIAL CARE COMPLAINTS

Hardwick Clinical Commissioning Group AGREEMENT FOR THE JOINT HANDLING OF HEALTH AND SOCIAL CARE COMPLAINTS Hardwick Clinical Commissioning Group AGREEMENT FOR THE JOINT HANDLING OF HEALTH AND SOCIAL CARE COMPLAINTS Agreement for the joint handling of health and social care Name / Title Summary Agreement for

More information

Summary of the Equality Act 2010

Summary of the Equality Act 2010 Equality Act 2010 1 Summary of the Equality Act 2010 The full Equality Act 2010 can be accessed through this link: Equality Act 2010. Introduction and Protected Characteristics The purpose of the Equality

More information

Information Governance Policy

Information Governance Policy Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath

More information

Equality and Human Rights Impact Assessment (EqHRIA) Standard Operating Procedure

Equality and Human Rights Impact Assessment (EqHRIA) Standard Operating Procedure Equality and Human Rights Impact Assessment (EqHRIA) Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication

More information

Data Protection Policy

Data Protection Policy Issue Date: June 2014 Document Number: POL_1006 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading length; please depending delete other on line length;

More information

Code of Practice for Ministerial Appointments to Public Bodies

Code of Practice for Ministerial Appointments to Public Bodies This Code of Practice is published by the Commissioner for Public Appointments in fulfilment of his duties as set out in the Order in Council for Public Appointments 2002 (as amended). This Code is effective

More information

Records Management Policy

Records Management Policy Records Management Policy Document information Document type: Operational Policy Document title: Records Management Policy Document date: November 2014 Author: NHS South Commissioning Support Unit, Information

More information

NHS Commissioning Board: Information governance policy

NHS Commissioning Board: Information governance policy NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION

More information

EQUAL OPPORTUNITIES & DIVERSITY POLICY

EQUAL OPPORTUNITIES & DIVERSITY POLICY 1. General dh Recruitment Hereford & Worcester embraces diversity and will seek to promote the benefits of diversity in all of our business activities. We will seek to develop a business culture that reflects

More information

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt QUEENSLAND COUNTRY HEALTH FUND privacy policy Queensland Country Health Fund Ltd ABN 18 085 048 237 better health cover shouldn t hurt 1 2 contents 1. Introduction 4 2. National Privacy Principles 5 3.

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups

More information

Subject access code of practice

Subject access code of practice Data protection Subject access code of practice Dealing with requests from individuals for personal information Contents 3 Contents 1. About this code of practice 4 Purpose of the code 4 Who should use

More information

Document Control Sheet

Document Control Sheet Policy Document Money Management Policy Lead Director: Frank Toner Lead Assistant Director: Simon White Policy Approved by: Senior Management Group Date Policy approved: February 2012 Implementation Date:

More information

Information Governance Policy

Information Governance Policy Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY

More information

Initial Equality Impact Assessment

Initial Equality Impact Assessment Initial Equality Impact Assessment Department Service Area Date 20/10/11 This Initial EqIA will help you to analyse equality in the context of your policy, practice or function. The assessment is a useful

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title

More information

Final Version 1.0 December 2015

Final Version 1.0 December 2015 Final Version 1.0 December 2015 Contents Page 1 Introduction...2 2 Charter Principles...2 3 Scope...2 4 Partner Commitment...3 5 Governance...4 6 The Lawful basis and Legal Requirements...5 7 Personal

More information

Contents. Section/Paragraph Description Page Number

Contents. Section/Paragraph Description Page Number - NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICA CLINICAL NON CLINICAL - CLINICAL CLINICAL Complaints Policy Incorporating Compliments, Comments,

More information

EQUALITY ACT 2010: The public sector Equality Duty: reducing bureaucracy. Policy review paper

EQUALITY ACT 2010: The public sector Equality Duty: reducing bureaucracy. Policy review paper EQUALITY ACT 2010: The public sector Equality Duty: reducing bureaucracy 17 March 2011 Contents Introduction 1 Page Reducing bureaucracy and delivering equality improvements 2 Background 3 Details of the

More information

THE EQUALITY ACT 2010

THE EQUALITY ACT 2010 THE EQUALITY ACT 2010 October 1st 2010 saw many of the provisions attained within the Equality Act, which gained Royal Assent on the 8th April 2010, come into force. The following summary has been put

More information

Rules for the use of the IT facilities. Effective August 2015 Present

Rules for the use of the IT facilities. Effective August 2015 Present Rules for the use of the IT facilities Effective August 2015 Present INFORMATION MANAGEMENT GUIDE RULES FOR THE USE OF THE UNIVERSITY S IT FACILITIES ( The Rules ) 1. Introduction 2. Interpretation 3.

More information

Intellectual Property Management Policy

Intellectual Property Management Policy Intellectual Property Management Policy Executive or Associate Director lead Policy author/ lead Feedback on implementation to Clive Clarke Ken Lawrie/Karen Robinson Business Planning Group Date of draft

More information

FINANCIAL POLICY PAYMENT FOR SUPPLIER INVOICES

FINANCIAL POLICY PAYMENT FOR SUPPLIER INVOICES FINANCIAL POLICY PAYMENT FOR SUPPLIER INVOICES Version 1.0 Important: This document can only be considered valid when viewed on the CCG s intranet/y: Drive. If this document has been printed or saved to

More information

Our promise to you. Court Users Charter

Our promise to you. Court Users Charter Our promise to you Court Users Charter April 2015 Introduction Our Court Users Charter sets out our standards of service and our commitments to you. We recognise that attending court is an unfamiliar experience

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Implementation date: 30 September 2014 Control schedule Approved by Corporate Policy and Strategy Committee Approval date 30 September 2014 Senior Responsible Officer Kirsty-Louise

More information

Complaints Policy and Procedure. Contents. Title: Number: Version: 1.0

Complaints Policy and Procedure. Contents. Title: Number: Version: 1.0 Title: Complaints Policy and Procedure Number: Version: 1.0 Contents 1 Purpose and scope... 2 2 Responsibilities... 2 3 Policy Statement: Aims and Objectives... 4 4 Definition of a complaint... 4 5 Procedure...

More information

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19 Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility

More information

Subject Access Request Procedure (Data Protection) Doc No IMPR04 Rev 2 27/07/11. 1.0 Scope. 2.0 Responsibilities and Definitions

Subject Access Request Procedure (Data Protection) Doc No IMPR04 Rev 2 27/07/11. 1.0 Scope. 2.0 Responsibilities and Definitions Doc No IMPR04 1.0 Scope The Data Protection Act 1998 (DPA) provides individuals with rights in connection with personal data held about them. It provides those individuals with a right of access to that

More information

DATA PROTECTION POLICY. Examples of personal data which TWM may require from clients include the following and for the reasons ascribed to each;

DATA PROTECTION POLICY. Examples of personal data which TWM may require from clients include the following and for the reasons ascribed to each; DATA PROTECTION POLICY Introduction TWM Solicitors maintain certain personal data about individuals for the purposes of satisfying operational and legal obligations. The Data Protection Act sets rules

More information

Liverpool Hope University. Equality and Diversity Policy. Date approved: 14.04.2011 Revised (statutory. 18.02.2012 changes)

Liverpool Hope University. Equality and Diversity Policy. Date approved: 14.04.2011 Revised (statutory. 18.02.2012 changes) Liverpool Hope University Equality and Diversity Policy Approved by: University Council Date approved: 14.04.2011 Revised (statutory 18.02.2012 changes) Consistent with its Mission, Liverpool Hope strives

More information

Complaints and Compensation Policy

Complaints and Compensation Policy Complaints and Compensation Policy 1. Principles 2. Aims 3. Methods 4. Statutory and contractual rights to compensation 5. Statutory and regulatory requirements 6. Performance monitoring 7. Review 8. Date

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading

More information