Information Governance Training Plan v13

Size: px
Start display at page:

Download "Information Governance Training Plan v13"

Transcription

1 Information Governance Training Plan To meet requirements of IGT v13 Lincolnshire East Clinical Commissioning Group Page 1 of 17

2 Contents Introduction Page 3 Training Provision Page 4 Staff Induction Awareness Training Page 5 Accessing Training Needs Page 6 Monitoring Compliance Page 6 Reporting Page 7 Appendix 1 Training Needs Analysis (TNA) Page 8 Appendix 2 HSCIC Training Tool Guidance page 9 Appendix 3 Documented Action Plan for Raising Staff Awareness of IG Responsibilities page 10 Page 2 of 17

3 Introduction To ensure organisational compliance with the law and central guidelines relating to Information Governance (IG), staff must receive appropriate training. Therefore, annual IG training is mandatory for all staff, including new starters, locums, temporary staff, lay members, student and contract staff members. IG training needs should be routinely assessed, monitored and adequately provided for. IG knowledge and awareness should be at the core of the organisation s objectives, embedded amongst other governance initiatives and should offer a stable foundation for the workforce. Without this knowledge the ability of an organisation to meet legal and policy requirements will be severely impaired. In order to fully meet the IGToolkit standard an organisation should establish a clear plan for IG training appropriately tailored to specific staff groups or job roles. This plan should address how and when each work area and/or staff group will be trained, how training needs beyond the basic level will be assessed and should include induction processes for new staff. This training plan has been created by Greater East Midlands Commissioning Support Unit (GEM CSU) IG Service to support the Clinical Commissioning Group (CCG) in meeting the training requirement for the Information Governance Toolkit (IGT) Information Governance awareness and mandatory training procedures are in place and all staff are appropriately trained. In order to be compliant with Department of Health requirements, organisations are expected to ensure that 95% of their staff have received annual mandatory IG training appropriate to their role. This will allow them to reach a compliant level 2 achievement on the Information Governance Toolkit standard relating to staff training (13-134). Where identified with discussions with the CCG GEM CSU IG Service will seek improvements in this requirement from Level 2 to Level 3. Page 3 of 17

4 Training Provision The GEM CSU Human Resources team are rolling out the mandatory IG training modules through the Electronic Staff Record (ESR). All staff will need to undertake a minimum of one of the mandatory modules below annually: For staff that handle personal confidential data including staff information Introduction to Information Governance For staff that have already undertaken the one above (in the previous year) it is recommended that The Refresher Module is completed in years 2 & 3. Staff should register on the ESR system in order to access either of these modules. Instructions are available from the HR team, For those staff who do not have access to ESR such as contractors, agency staff, locums, students, volunteers, trainees, etc. they will need to complete their training via the HSCIC training tool (see appendix 2 - How can I access the HSCIC Training Tool?) It has also been determined by the Department of Health that where staff have already been trained using the NHS IG training Tool, they may in future be trained using approved training materials on a face-to-face basis. The GEM CSU IG team has a centrally approved training presentation and will support the CCG and deliver additional training sessions where online training is not the preferred option. This will provide an alternative method of training where members of staff have been identified as not possessing the required IT skills to complete the training on-line or where staff don t have regularly access to computers. The CCG has opted for the GEM CSU IG team to deliver face to face training sessions to support the CCG in meeting the required training compliance for the IGT. There may be occasions when ad hoc training will need to be delivered by GEM CSU IG Service to CCG staff based on an identified need for e.g. changes in working practices following an incident. Page 4 of 17

5 If staff experience continued problems completing the training modules through ESR, then the HSCIC training tool can be used to complete the mandatory training module to avoid non-compliance, and this approach will require a local decision from each respective CCG. Staff will need to use the HSCIC training tool (see appendix 2) to complete additional training modules as per the Training Needs Analysis (TNA), see appendix 1, as they are not available through ESR. All staff can register to use the HSCIC training tool to complete any IG related training modules that has been identified as appropriate to their staff role. Staff Induction Awareness Training Staff induction needs to address IG training needs as new members of staff may otherwise fail to be picked up by an organisation s rolling training plan. It is vitally important that all new staff (including locums, temporary staff, students, etc.) are made aware of the relevant requirements and in particular given clear guidelines about their own individual responsibilities for compliance. Particular emphasis should be placed on how IG requirements affect their day to day work practices. It is recommended that this guidance is given to new starters on their first day of employment to avoid the risk of information security breaches. Appendix 3 identifies all Information Governance related areas where staff awareness is required. CCGs should have a defined and documented induction policy or process that includes the requirement for staff to complete their IG training prior to use of any systems containing personal or sensitive information. Staff should be made aware of the CCGs Staff Code of Conduct either via a link or given their own copy, along with the links to the IG policies and the IG E-Learning tool through the Electronic Staff Record as part of the induction process. The Induction Process is currently being reviewed by GEMCSU. Page 5 of 17

6 Accessing Training Needs Staff inevitably have different levels of awareness of their responsibilities for safeguarding confidentiality, protecting data and preserving information security. In most cases the mandatory basic training through ESR or the HSCIC training tool will be sufficient to give staff the knowledge that they require. A training needs analysis (TNA) has been created (see appendix 1) that identifies those additional training modules that need to be completed by specific job roles. This information has been taken from the guidance within each requirement of the toolkit. The TNA identifies the training modules that are mandatory, recommended or optional for specific job roles to complete. Please note these training modules are only available through the HSCIC training tool. Please see appendix 2 for guidance on how to access the HSCIC Training Tool. A staff members line manager will undergo appraisals with the staff on an annual basis. At this point, an assessment of current levels of skills and competencies can be undertaken and any further training needs identified. Monitoring Compliance Regular staff updates and s will be circulated to ensure staff are aware of the requirement to undertake the training. If this is not completed by the determined date, line managers will be contacted to cascade the training requirement. The GEM CSU IG team holds a record of staff IG training compliance and reports compliance at the CCG IG working group meetings. It is important that study time is protected so that all staff is able to access or attend training. Page 6 of 17

7 Reporting In order to ensure correct reporting of uptake of the training, reports will be run through both systems (ESR & HSCIC), along with the attendance records of any face to face training delivered. The GEM CSU IG team will administer the HSCIC training tool for the CCG, this will enable GEM CSU IG team to report on training uptake and target staff to complete training where non-compliance is identified. Page 7 of 17

8 Appendix 1 - Training Needs Analysis Job Role Introduction to IG (Year 1) IG-Refresher Module (Years 2 & 3) The Caldicott Guardian in the NHS & Social Care NHS Information Risk Management for SIROs & IAOs NHS Information Risk Management - Introductory NHS Information Risk Management - Foundation Password Management Information Security Guidelines Patient Confidentiality IG Lead (CCG) Mandatory Mandatory Recommended Recommended Recommended Recommended Optional Recommended Optional Caldicott Guardian Mandatory Mandatory Mandatory Optional Optional Optional Optional Recommended Mandatory SIRO Mandatory Mandatory Recommended Mandatory Mandatory Mandatory Optional Mandatory Optional IAO & IAA Mandatory Mandatory Optional Mandatory Mandatory Mandatory Optional Mandatory Optional Records Manager Mandatory Mandatory Optional Optional Optional Optional Optional Recommended Optional Admin/Clerical/ Other Mandatory Mandatory Optional Optional Optional Optional Optional Recommended Optional Job Role Access to Health Records Records Management and the NHS Code of Practice Records Management in the NHS Secure Transfers of Personal Data Business Continuity Management NEW-Access to Information & Information Sharing in the NHS - NEW-Secure Handling of Confidential Information NEW- Information Security Management IG Lead (CCG) Optional Optional Optional Optional Recommended Recommended Optional Optional Caldicott Guardian Optional Optional Optional Optional Optional Mandatory Recommended Optional SIRO Optional Optional Optional Optional Recommended Recommended Recommended Mandatory IAO & IAA Optional Optional Optional Optional Optional Recommended Recommended Mandatory Records Manager Mandatory Mandatory Mandatory Optional Optional Optional Optional Optional Admin/Clerical/ Other Optional Optional Optional Optional Optional Optional Optional Optional Page 8 of 17

9 Appendix 2 How can I access the HSCIC Training Tool? 1.0 To access the Training Tool follow this link: To register as a new user: Select Register Now When the Organisation Search box appears type in your organisation code 03T From this point onwards, please follow the instructions on screen 3.0 To access training modules Log in using your username & password Select Learning Tools from the top menu Select the module you wish to complete, and then select Launch You can print your certificate when you have passed the module 4.0 I have already registered onto the site and forgotten my password. What should I do? Select reset my password from the homepage Page 9 of 17

10 DOCUMENTED ACTION PLAN FOR RAISING STAFF AWARENESS 1) The Health and Social Care Information Centre Information Governance Toolkit (IGT) requires organisations providing health and social care services to have a documented action to promote staff awareness of information governance standards, inform staff of their responsibilities and the consequences of misconduct and advise staff their compliance with IG requirements will be checked and monitored 2) Requirement states Clinical Commissioning Groups (CCGs) are required to have a documented action plan for raising awareness of and compliance with information governance standards and to inform staff of their responsibilities and the consequences of misconduct. Staff may be informed through team meetings, awareness sessions or staff briefing materials. In all cases, staff refers all staff (new and existing), including new starters, locum, temporary, student and contract staff members). 3) The IGT Requirements listed below, will be incorporated into the CCG s Information Governance Work plan for completing IG Toolkit Governance Return V12 and forms part of the CCG s IG Training Plan. 4) The relevant IG Toolkit Requirements which require the CCG to promote staff awareness are as follows:- IGT Req Level Key messages to be communicated to staff and made available throughout the organisations Examples of suitable evidence Delivery Method a IG Policies have been communicated to appropriate staff and made available throughout the organisation Selection of Policies Overarching Information Governance Policy; Confidentiality and Data Protection Policy; Information Security Policy; Corporate Governance Policy (incl. FOI); Information Lifecycle Management Policy (incl. Records management and Information Quality) Intranet/Internet Copies given to staff on induction Page 10 of 17

11 c/2a Guidelines and training materials for staff setting out the CCG's expectations for working practices and behaviours related to information governance (for new and existing staff) Staff Code of Conduct; Training materials; IG Handbook; Induction Programme for New Starters Intranet/Internet a/1b/1c/2c Information Governance Awareness and Mandatory Training for everyone! And additional training for staff in key roles TNA to cover mandatory IG Training/ additional training for key staff groups/ Induction Programme for New Starters/ Training materials/ documented training programme/training Records /Test of Comprehension /Reports evidencing numbers of staff trained ESR/ HSCIC e-learning Tool/ Face to Face b All staff assigned responsibility for co-ordinating and implementing the confidentiality and data protection work programme (Caldicott Function) have been appropriately trained to carry out their role TRAINING EVIDENCE as above b/2a There is staff guidance on keeping personal information secure, on respecting the confidentiality of service users and on the duty to share information for care purposes. Documented/ IG Handbook/ Leaflet /Staff Induction Materials/ Review of TNA Intranet/Internet Page 11 of 17

12 b/2a/2b There are guidelines for staff on when it is both lawful and appropriate to share confidential personal information and on respecting service user wishes and all staff members have been informed of the guidance and in particular of their own responsibility for compliance. as above as above a/2b All staff members are aware of their responsibility to support subject access requests and where in the organisation such requests are ultimately handled. Front-line staff to be provided with more detailed guidance about the procedure to follow. Documented procedure for processing SAR requests/ TNA/ training attendance lists/ staff briefing materials/ presentations Intranet/ Internet/ agendas/ notes/ minutes/ briefing materials a All staff members with the potential to access confidentiality personal information have been informed that monitoring and auditing of access is being carried out, of the need for compliance with confidentiality and security procedures and the sanctions for failure to comply. Documented confidentiality audit procedure Intranet/ Internet /team meetings, awareness sessions, staff briefing materials or staff may be provided with their own copy of the procedures a All staff members that are likely to introduce new information processes or information assets are effectively informed about the requirement to obtain approval from the IG forum (or equivalent) at the proposal stage of the new process or information asst. Privacy Impact Assessment procedure Intranet/ Internet /team meetings, awareness sessions, staff briefing materials Page 12 of 17

13 a/2a Employees are informed of the nature and source of any information stored about them, how it will be used, who it will be disclosed to; and their data protection rights regarding access and sharing of the personal information Documented Policy; Copy of Information Provided; The CCG's Website to provide information on how personal information about patients or other service users is stored, used and shared and informs individuals about their rights in relation to that information A copy of the relevant web pages b All staff assigned responsibility Information Security have been appropriately trained to carry out their role Information Governance Management Framework Policy Training attendance lists/ training materials/ existing qualifications/ training evaluation records Page 13 of 17

14 a The training needs of RA staff have been analysed and a training programme has been implemented to ensure that all staff assigned responsibility for managing and implementing the RA function have access to the latest software and RA Process Guidance and are appropriately trained to carry out their role RA Policy TNA/ training attendance certificates/ training materials/ existing qualifications/ training evaluation records a/2b Procedure advising Smartcard users of the Terms and Conditions they sign up to upon acceptance of a Smartcard. All NHS Smartcard users, including new, temporary and contract staff members are aware that compliance with the T&Cs of NHS Smartcard usage is monitored and of the procedures for breach and disciplinary measures RA Plan/Procedure setting out Terms and Conditions of Smartcard usage & documented audits showing processes for monitoring NHS Smartcard usage and compliance with T&Cs; audit report on the outcome of checking that all NHS Smartcard users have electronically signed their T&Cs; Intranet/ Internet/ Staff Handbook/ Staff briefing materials and induction materials Page 14 of 17

15 a The SIRO and all other staff assigned responsibility for coordinating and implementing information risk management have been appropriately trained to carry out their role TNA/ training attendance lists/ training materials/ existing qualifications or training evaluation records c All relevant staff are made aware of business continuity plans and any implications for their role - all staff are aware of their roles and responsibilities Business Continuity Plans for individual Information Assets Minutes/ team meeting notes, staff briefing materials or materials of awareness sessions b Approved procedure and controls are made available at appropriate points in the organisation and all relevant staff have been informed of their responsibilities to maintain network security. Network Security Policy Intranet/ Internet/ Staff Handbook/ Staff briefing materials and 'IT User' induction materials a/2b There are documented procedures for mobile working or teleworking that provide guidelines for staff on expected behaviours AUP for and internet use, data handling procedures, safe haven procedures, training materials or other staff guidance Intranet/ Internet Page 15 of 17

16 b Staff members have been informed of the incident reporting procedures and in particular of their own responsibilities for reporting incidents and nearmisses Documented incident management and report procedures and a template incident reporting form for staff Minutes/Notes of team meetings/ briefing materials used in awareness sessions c Relevant staff members have been effectively informed of the secure transfer and receipt requirement for personal and sensitive information AUP for and internet use, data handling procedures, safe haven procedures, training materials or other staff guidance (AUP - Documented Policy for approvals and authorisation for mobile and teleworking) Intranet/ Internet b All staff assigned responsibility for Information Quality and Records Management Assurance have been appropriately trained to carry out their role Information Governance Management Framework Training attendance lists, training materials, qualification certificates, or training evaluation records Page 16 of 17

17 c The project plan to support the consistent and comprehensive use of NHS number has been publicised and staff are aware that changes will be introduced to ensure the NHS Number is used as the key identifier in-line with the Safe Practice Notice Comms Plan/ Data Quality Policy advocating the NHS Number Programme Intranet/ Internet Page 17 of 17

Information Governance Strategy. Version No 2.1

Information Governance Strategy. Version No 2.1 Livewell Southwest Information Governance Strategy Version No 2.1 Notice to staff using a paper copy of this guidance. The policies and procedures page of LSW Intranet holds the most recent version of

More information

Information Governance Policy

Information Governance Policy Policy Policy Number / Version: v2.0 Ratified by: Audit Committee Date ratified: 25 th February 2015 Review date: 24 th February 2016 Name of originator/author: Name of responsible committee/individual:

More information

Information Governance Strategy. Version No 2.0

Information Governance Strategy. Version No 2.0 Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent

More information

Information Governance Strategy :

Information Governance Strategy : Item 11 Strategy Strategy : Date Issued: Date To Be Reviewed: VOY xx Annually 1 Policy Title: Strategy Supersedes: All previous Strategies 18/12/13: Initial draft Description of Amendments 19/12/13: Update

More information

INFORMATION GOVERNANCE POLICY & FRAMEWORK

INFORMATION GOVERNANCE POLICY & FRAMEWORK INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger

More information

INFORMATION GOVERNANCE STRATEGY

INFORMATION GOVERNANCE STRATEGY INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying

More information

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework

Barnsley Clinical Commissioning Group. Information Governance Policy and Management Framework Putting Barnsley People First Barnsley Clinical Commissioning Group Information Governance Policy and Management Framework Version: 1.1 Approved By: Governing Body Date Approved: 16 January 2014 Name of

More information

Policy Document Control Page

Policy Document Control Page Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):

More information

Information Governance Plan

Information Governance Plan Information Governance Plan 2013 2015 1. Overview 1.1 Information is a vital asset, both in terms of the clinical management of individual patients and the efficient organisation of services and resources.

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy

More information

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY

INFORMATION GOVERNANCE AND DATA PROTECTION POLICY INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy

More information

A Question of Balance

A Question of Balance A Question of Balance Independent Assurance of Information Governance Returns Audit Requirement Sheets Contents Scope 4 How to use the audit requirement sheets 4 Evidence 5 Sources of assurance 5 What

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy To whom this document applies: All Trust staff, including agency and contractors Procedural Documents Approval Committee Issue Date: January 2010 Version 1 Document reference:

More information

Information Governance Framework

Information Governance Framework Information Governance Framework Authorship: Chris Wallace, Information Governance Manager Committee Approved: Integrated Audit and Governance Committee Approved date: 11th March 2014 Review Date: March

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

Information Governance Management Framework

Information Governance Management Framework Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date

More information

Information Security Assurance Plan 2015/16

Information Security Assurance Plan 2015/16 Information Security Assurance Plan 2015/16 Policy number: N/A Version 2.0 Approved by Name of author/originator Owner (Exec Director) Date of approval August 2015 Date of last review July 2015 Next due

More information

Information Governance Framework and Strategy. November 2014

Information Governance Framework and Strategy. November 2014 November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting

More information

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Policy ID IG02 Version: V1 Date ratified by Governing Body 27/09/13 Author South Commissioning Support Unit Date issued: 21/10/13 Last review date: N/A Next review date: September

More information

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid. Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,

More information

INFORMATION RISK MANAGEMENT POLICY

INFORMATION RISK MANAGEMENT POLICY INFORMATION RISK MANAGEMENT POLICY DOCUMENT CONTROL: Version: 1 Ratified by: Steering Group / Risk Management Sub Group Date ratified: 21 November 2012 Name of originator/author: Manager Name of responsible

More information

Information Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff.

Information Governance Policy. 2 RESPONSIBLE PERSON: Steve Beeho, Head of Integrated Governance. All CCG-employed staff. Information Governance Policy 1 SUMMARY This policy is intended to ensure that staff are fully aware of their Information Governance (IG) responsibilities, so that they can effectively manage and best

More information

Information Governance and Data Protection Policy

Information Governance and Data Protection Policy Information Governance and Data Protection Policy Page 1 of 21 Document Control Sheet Name of document: Version: Owner: File location / Filename: Information Governance and Data Protection Policy Final

More information

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY POLICY NO IM&T 011 DATE RATIFIED January 2012 NEXT REVIEW DATE January 2015 POLICY STATEMENT/KEY OBJECTIVE: To provide an overarching framework through which Information Governance

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact

More information

Information Governance Policy

Information Governance Policy Information Governance Policy REFERENCE NUMBER IG 101 / 0v3 May 2012 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive 4.9.12 REVIEW DUE DATE May 2015 West Lancashire CCG is committed to ensuring

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Name of Policy Author: Name of Review/Development Body: Ratification Body: Ruth Drewett Information Governance Steering Group Committee Trust Board : April 2015 Review date:

More information

BEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE

BEFORE USING THIS GUIDANCE, MAKE SURE YOU HAVE THE MOST UP TO DATE VERSION GUIDANCE 2 POLICY AREA: INFORMATION GOVERNANCE GUIDANCE 1 TITLE: INFORMATION GOVERNANCE FRAMEWORK 2 POLICY AREA: INFORMATION GOVERNANCE 3 ACCOUNTABLE DIRECTOR FOR POLICY AREA: DIRECTOR OF QUALITY AND GOVERNANCE 4 GUIDANCE DRAFTED BY: INTEGRATED GOVERNANCE

More information

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South

More information

NHS Waltham Forest Clinical Commissioning Group Information Governance Policy

NHS Waltham Forest Clinical Commissioning Group Information Governance Policy NHS Waltham Forest Clinical Commissioning Group Information Governance Policy Author: Zeb Alam & David Pearce Version 3.0 Amendments to Version 2.1 Updates made in line with National Guidance and Legislation

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading

More information

INFORMATION GOVERNANCE STAFF HANDBOOK

INFORMATION GOVERNANCE STAFF HANDBOOK INFORMATION GOVERNANCE STAFF HANDBOOK Contents Why do YOU need to know about Information Governance (IG)?... 2 Keeping Information Safe... 2 Confidentiality... 2 Deciding to Communicate Important Information...

More information

Information Governance Training in NHS Wales: Summary of findings from ICO reviews

Information Governance Training in NHS Wales: Summary of findings from ICO reviews Information Governance Training in NHS Wales: Summary of findings from ICO reviews June 2015 Introduction The Information Commissioner s Office (ICO) is the regulator for data protection and works with

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):

More information

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy. Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date

More information

INFORMATION GOVERNANCE HANDBOOK

INFORMATION GOVERNANCE HANDBOOK INFORMATION GOVERNANCE HANDBOOK Information Governance Handbook_V1.0 1 Information Reader Box Function Purpose Document Purpose Document Name Author Corporate Governance Guidance Procedures Information

More information

CCG: IG06: Records Management Policy and Strategy

CCG: IG06: Records Management Policy and Strategy Corporate CCG: IG06: Records Management Policy and Strategy Version Number Date Issued Review Date V3 08/01/2016 01/01/2018 Prepared By: Consultation Process: Senior Governance Manager, NECS CCG Head of

More information

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Newcastle Gateshead Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Approved No impact NHS Quality, Safety

More information

SLMS-IG16 Training Needs Analysis

SLMS-IG16 Training Needs Analysis SLMS-IG16 Training Needs Analysis Document Information Document Name SLMS-IG16 Training Needs Analysis Author Kristina Drew Issue Date 02/08/2013 Approved By Chair of SLMS IGSG Next review Three years

More information

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS North Durham Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS North Durham Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Document Ratified/Approved By Final No impact Risk and Audit Committee/Governing

More information

Information Governance Strategy 2015/16

Information Governance Strategy 2015/16 Information Governance Strategy 2015/16 Ratified Governing Body (November 2015) Status Final Issued November 2015 Approved By Executive Committee (August 2015) Consultation Equality Impact Assessment Internal

More information

NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT

NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT NHS DORSET CLINICAL COMMISSIONING GROUP GOVERNING BODY INFORMATION GOVERNANCE TOOLKIT REPORT 9.7 Date of the meeting 15/07/2015 Author Sponsoring Clinician Purpose of Report Recommendation J Green - Head

More information

NHS Commissioning Board: Information governance policy

NHS Commissioning Board: Information governance policy NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION

More information

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE

More information

Further to reports to EAG in February and March 2014, the purpose of this report is to;

Further to reports to EAG in February and March 2014, the purpose of this report is to; Report to: Trust Board of Directors Date of Meeting: 29 May 2014 Report Title: Annual Information Governance Report 13/14 Status: Mark relevant box with X Prepared by: Executive Sponsor (presenting): Appendices

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title

More information

Information Governance Strategy Includes Information risk & incident management methodology

Information Governance Strategy Includes Information risk & incident management methodology Version 3.0 LOGOLOGO Information Governance Strategy Includes Information risk & incident management methodology Approved by: Quality Assurance Group Ratification date: March 2015 Review date: March 2016

More information

Information Governance Management Framework

Information Governance Management Framework Information Governance Management Framework Document Status: Approved Version: v 1.3 DOCUMENT CHANGE HISTORY Version Date Comments (i.e. viewed, or reviewed, amended, approved by person or committee v1.0

More information

Policy Checklist. Head of Information Governance

Policy Checklist. Head of Information Governance Policy Checklist Name of Policy: Information Governance Policy Purpose of Policy: To provide guidance to all staff on their responsibilities regarding information governance and to ensure that the Trust

More information

Information Governance Policy

Information Governance Policy Author: Susan Hall, Information Governance Manager Owner: Fiona Jamieson, Assistant Director of Healthcare Governance Publisher: Compliance Unit Date of first issue: February 2005 Version: 5 Date of version

More information

NHS Waltham Forest Clinical Commissioning Group Information Governance Strategy

NHS Waltham Forest Clinical Commissioning Group Information Governance Strategy NHS Waltham Forest Clinical Commissioning Group Governance Strategy Author: Zeb Alam, CCG IG Lead, (NELCSU) David Pearce, Head of Governance, WFCCG Version 3.0 Amendments to Version 2.1 Annual Review Reference

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval

More information

INFORMATION GOVERNANCE

INFORMATION GOVERNANCE This document is uncontrolled once printed. Please refer to the Trusts Intranet site (Procedural Documents) for the most up to date version INFORMATION GOVERNANCE NGH-PO-233 Ratified By: Procedural Document

More information

Policies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1

Policies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1 Policies for: Information Governance Information Quality Information Management Information Security Approved by: None this version Date approved: Name of originator/author: Ade Oduntan, Mike Hellier,

More information

Information Governance Policy

Information Governance Policy BEXLEY CARE TRUST MANAGEMENT MANUAL Title: INFORMATION GOVERNANCE POLICY Originating Department: IT DEPARTMENT Authorised by: Risk Management Committee June 2008 Reference no: CA12 Date of Issue: JANUARY

More information

Information Governance Policy

Information Governance Policy Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY

More information

Information Governance Standards in Relation to Third Party Suppliers and Contractors

Information Governance Standards in Relation to Third Party Suppliers and Contractors Information Governance Standards in Relation to Third Party Suppliers and Contractors Document Summary Ensure staff members are aware of the standards that should be in place when considering engaging

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended

More information

Information Governance Strategy Includes Information risk & incident management methodology

Information Governance Strategy Includes Information risk & incident management methodology Version 2.0 LOGOLOGO Information Governance Strategy Includes Information risk & incident management methodology Approved by: Quality & Governance Committee Ratification date: May 2014 Review date: May

More information

Trust Informatics Policy. Information Governance. Information Governance Policy

Trust Informatics Policy. Information Governance. Information Governance Policy Trust Informatics Policy Information Governance Policy Reference: TIP/IG/IGP I:\IG\IGM\IGT\March 2011\Document Library\Policies\Approved/ - 1 Document Control Policy Title Author/Contact Document Reference

More information

Policy: D9 Data Quality Policy

Policy: D9 Data Quality Policy Policy: D9 Data Quality Policy Version: D9/02 Ratified by: Trust Management Team Date ratified: 16 th October 2013 Title of Author: Head of Knowledge Management Title of responsible Director Director of

More information

Information Governance Strategy

Information Governance Strategy Policy No: IG01 Version: 3.0 Name of Policy: Information Governance Strategy Effective From: 02/06/2015 Date Ratified 06/05/2015 Ratified Health Informatics Assurance Group (HIAG) Review Date 01/05/2017

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY ENFIELD CLINICAL COMMISSIONING GROUP INFORMATION GOVERNANCE POLICY PLEASE DESTROY ALL PREVIOUS VERSIONS OF THIS DOCUMENT Enfield CCG Information Governance Policy Information Governance Policy (Policy

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: Revised: Consultation: Ratified by: 1.0 Information Governance Committee Governance Committee Date ratified: 19 March 2008 Name of originator/author: David McGrath

More information

Cardiff Council. Data protection audit report. Executive summary June 2014

Cardiff Council. Data protection audit report. Executive summary June 2014 Cardiff Council Data protection audit report Executive summary June 2014 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data Protection Act 1998

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy Document Status Draft Version: V2.1 DOCUMENT CHANGE HISTORY Initiated by Date Author Information Governance Requirements September 2007 Information Governance Group Version

More information

NETWORK SECURITY POLICY

NETWORK SECURITY POLICY NETWORK SECURITY POLICY Policy approved by: Governance and Corporate Affairs Committee Date: December 2014 Next Review Date: August 2016 Version: 0.2 Page 1 of 14 Review and Amendment Log / Control Sheet

More information

Job Description. Information Assurance Manager Band 8A TBC Associate Director of Technology Parklands and other sites as required

Job Description. Information Assurance Manager Band 8A TBC Associate Director of Technology Parklands and other sites as required Job Description Job Title: Grade: Accountable to: Base: 1. JOB PURPOSE Information Assurance Manager Band 8A TBC Associate Director of Technology Parklands and other sites as required The purpose of the

More information

Lancashire County Council Information Governance Framework

Lancashire County Council Information Governance Framework Appendix 'A' Lancashire County Council Information Governance Framework Introduction Information Governance provides a framework for bringing together all of the requirements, standards and best practice

More information

INFORMATION GOVERNANCE HANDBOOK

INFORMATION GOVERNANCE HANDBOOK INFORMATION GOVERNANCE HANDBOOK SECTION ONE Author Tracey Burrows Role Information Governance Manager (CSCSU) Date / Version February 2015 Version FINAL V1.0 Approved by IM&T Board Date 27 February 2015

More information

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16 NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group Information Governance Strategy 2015/16 Document Status Equality Impact Assessment Final No impact Document Ratified/Approved By Hartlepool

More information

Information Governance Policy (incorporating IM&T Security)

Information Governance Policy (incorporating IM&T Security) (incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

The aim of this package is to act as online support for all staff that requires Information Governance (IG) training.

The aim of this package is to act as online support for all staff that requires Information Governance (IG) training. Information Governance e-learning User Guide The aim of this package is to act as online support for all staff that requires Information Governance (IG) training. Contents Page Title 2 Overview 2 Modules

More information

Information Governance Toolkit Assessment 2009/10

Information Governance Toolkit Assessment 2009/10 Information Governance Toolkit Assessment 2009/10 Document Reference: Version: Ratified by: Date ratified: Name of originator/author: Name of responsible committee/individual: Document owner: Document

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching

More information

INFORMATION SECURITY POLICY

INFORMATION SECURITY POLICY INFORMATION SECURITY POLICY Policy approved by: Audit and Governance Committee Date: 4 th December 2014 Next Review Date: December 2016 Version: 1 Information Security Policy Page 1 of 17 Review and Amendment

More information

Information Incident Management and Reporting Procedures

Information Incident Management and Reporting Procedures Information Incident Management and Reporting Procedures Compliance with all policies, procedures, protocols, guidelines, guidance and standards is a condition of employment. Breach of policy may result

More information

D-CRIS Information Governance Assurance

D-CRIS Information Governance Assurance D-CRIS Information Governance Assurance Date: 05 08 2013 Version: 1.0 Author: Murat Soncul Contents 1. Introduction... 3 2. CRIS Security Model... 3 3. SLaM Information Governance Framework... 4 4. Roles

More information

Copyright 2016 Health and Social Care Information Centre

Copyright 2016 Health and Social Care Information Centre Document filename: Registration Authorities Operational and Process Guidance Directorate / Programme Access Control Project Access Control Document Reference Project Manager John Winter Status Final Owner

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY Version 8.0 Purpose: For use by: This document is compliant with /supports compliance with: To outline the lifecycle of a record and to provide guidance on retention and disposal

More information

Subject Access Request (SAR) Procedure

Subject Access Request (SAR) Procedure Subject Access Request (SAR) Procedure East and North Hertfordshire Clinical Commissioning Group Page 1 of 16 DOCUMENT CONTROL SHEET Document Owner: Chief Finance Officer Document Author(s): Anne Ephgrave

More information

Information Incident Management and Reporting Procedures

Information Incident Management and Reporting Procedures ` Information Incident Management and Reporting Procedures Compliance with all CCG policies, procedures, protocols, guidelines, guidance and standards is a condition of employment. Breach of policy may

More information

How To Ensure Information Security In Nhs.Org.Uk

How To Ensure Information Security In Nhs.Org.Uk Proforma: Information Policy Security & Corporate Policy Procedures Status: Approved Next Review Date: April 2017 Page 1 of 17 Issue Date: June 2014 Prepared by: Information Governance Senior Manager Status:

More information

How To Ensure Network Security

How To Ensure Network Security NETWORK SECURITY POLICY Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Page 1 of 12 Review and Amendment Log/Control Sheet Responsible Officer:

More information

Information Governance Strategy & Policy

Information Governance Strategy & Policy Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information

More information

Information Governance Compliance. Managers Toolkit

Information Governance Compliance. Managers Toolkit Information Governance Compliance Managers Toolkit CONTRIBUTION LIST Key individuals involved in developing the document Name Mary Stait Sam Kirkland Designation Information Governance Trainer Records

More information

Information Incident Management. and Reporting Policy

Information Incident Management. and Reporting Policy Information Incident Management and Reporting Policy Policy ID IG10 Version: 1 Date ratified by Governing Body 21/3/2014 Author South CSU Date issued: 21/3/2014 Last review date: N/A Next review date:

More information

Standard Operating Procedure for the Management of Information Governance Serious Incidents Requiring Investigation (IG SIRI)

Standard Operating Procedure for the Management of Information Governance Serious Incidents Requiring Investigation (IG SIRI) Standard Operating Procedure for the Management of Information Governance Serious Incidents Requiring Investigation (IG SIRI) DOCUMENT CONTROL: Version: V1 Ratified by: Risk Management Sub Group Date ratified:

More information

SUBJECT ACCESS REQUEST PROCEDURE

SUBJECT ACCESS REQUEST PROCEDURE SUBJECT ACCESS REQUEST PROCEDURE Document History Document Reference: Document Purpose: IG31 This procedure sets out the responsibility for staff when receiving requests for information provided under

More information

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2. Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments

More information

Introduction to the NHS Information Governance Requirements

Introduction to the NHS Information Governance Requirements Introduction to the NHS Information Governance Requirements 2 Version April 2014 Information Governance ensures necessary safeguards for, and appropriate use of, patient and personal information. The widely

More information

Information Governance Strategy 2015-2018

Information Governance Strategy 2015-2018 Introduction Information Governance Strategy 2015-2018 This strategy sets out the approach to be taken within Children s Hearings Scotland (CHS) to develop a robust Information Governance (IG) framework

More information

INFORMATION GOVERNANCE STRATEGY NO.CG02

INFORMATION GOVERNANCE STRATEGY NO.CG02 INFORMATION GOVERNANCE STRATEGY NO.CG02 Applies to: All NHS LA employees, Non-Executive Directors, secondees and consultants, and/or any other parties who will carry out duties on behalf of the NHS LA.

More information

INFORMATION GOVERNANCE POLICY (INCORPORATING INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK)

INFORMATION GOVERNANCE POLICY (INCORPORATING INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK) Ref No: IN-101 INFORMATION GOVERNANCE POLICY (INCORPORATING INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK) AREA: POLICY SPONSOR: Trust Wide Director of Finance IMPLEMENTED: October 2009 REVISED: June 2011

More information