Information Governance Compliance. Managers Toolkit

Transcription

1 Information Governance Compliance Managers Toolkit

2 CONTRIBUTION LIST Key individuals involved in developing the document Name Mary Stait Sam Kirkland Designation Information Governance Trainer Records Transformation and Information Governance Manager Circulated to the following individuals for consultation Name Fern Barrell Neill Bolderston Jacqueline Burden Sarah Charlton Heather Darlow Kim Dawson Rachel Dewar Mel Foster-Green Vicky Hill Lisa Laws Kalpna Mistry Imtiaz Girach Teresa Heffernan Raj Bhatt Judy McCarthy Designation Risk Assurance Co-ordinator Healthcare Records Manager Clinical Governance Lead AMH/LD Corporate Affairs Legal Administrator Clinical Governance Lead, CHS ICD10 Coding Manager Head of CHS, East Leicester Customer Services Manager LHIS Information Security Manager HR Corporate Services Manager Information Requests Officer Assistant Financial Developments Manager Child Health Operational Manager, FYPC Information Manager FT Programme Manager/Programme Officer Manager Page 2 of 15

3 Contents 1.0 Introduction Mandatory IG Training for All Staff New Starters Which Modules to Complete How to Access Mandatory IG Training Claiming Time Back Training Needs Analysis IT Skills Form Additional Training for Key Roles (Recommended) Modules Available on the IGTT for Personal Development Monitoring Compliance Training Evaluation Information Matters Newsletter Further Information and Support. 9 Appendices Appendix 1 TNA Basic Modules assigned to LPT Job Roles 10 Appendix 2 TNA IT Skills Form.. 11 Appendix 3 TNA Additional Modules Recommended for Key Roles.. 12 Appendix 4 List of All Modules available on the Connecting for Health IGTT.. 13 Appendix 5 Random Spot Check Questionnaire.. 14 Page 3 of 15

4 Version Control and Summary of Changes Version number Date 1.0 March 2013 Comments (description change and amendments) Approved by Records and Information Governance Group Meeting March 2013 This document can be provided in large print or Braille formats, if requested, and an interpreting service is available to individuals of different nationalities who require them. Did you print this document yourself? Please be advised that the Trust discourages the retention of hard copies of policies and operational guidance documents and can only guarantee that the policy/operational guidance on the Trust website is the most up-to-date version. For further information contact: Mary Stait Information Governance Trainer Information Governance Team Page 4 of 15

5 1.0 Introduction This document is complementary to the Information Governance Training Strategy and is aimed at providing managers with information and resources to support compliance with the Information Governance Toolkit Requirement 112, which states that Information Governance awareness and mandatory training procedures are in place and all staff are appropriately trained. 2.0 Mandatory Information Governance (IG) Training for All Staff All staff are required to complete a basic IG module annually. The module they need to complete depends on their routine access to personal data. 2.1 New Starters New Starters receive training in basic IG principles on Induction, but this is not sufficient to meet the requirements for basic IG training in the IG Toolkit Requirement 112. They are, therefore, required to complete a basic IG module within six weeks of the start of their employment with the Trust. Managers are responsible for ensuring new starters comply with this requirement. 2.2 Which Modules to Complete: A full list of which basic module should be completed by staff for their role is available at Appendix Introduction to Information Governance Module The majority of staff will routinely access personal data and are, therefore, required to complete the Introduction to Information Governance module Information Governance: The Beginner s Guide As identified in the Training Needs Analysis approved by the Records & Information Governance Group in September 2012, unless the individual has routine access to personal data, staff in the following roles are required to complete this module: Cook Helper / Assistant Housekeeper Maintenance Craftsperson Porter Support Worker Technician Information Governance: Refresher Module Once a basic module has been completed in full the Refresher module need only be completed in subsequent years. Page 5 of 15

6 3.0 How to Access Mandatory IG Training Training modules are available through various methods: 3.1 Smart Card Access to Oracle Learning Management (OLM) OLM is a component of the Electronic Staff Record (ESR). Anyone with Smartcard access to ESR should complete the training using this method Smart Card Access to OLM e-learning.pdf 3.2 Username and Password Access to Oracle Learning Management (OLM) OLM can be accessed without a Smartcard via a username and password issued by the Academy. Anyone currently without either Smart Card or Username access can request a Username and password from the Academy. Username access to OLM e-learning.pdf 3.3 NHS Connecting for Health IG Training Tool (IGTT) For those already registered, or who also wish to access additional IG training modules or resources, may complete their training via the IGTT. HowToAccess_IG_e- LearningVia_IGTT_ pdf 3.4 Face-to-Face Training For those without access to online learning, or who require support Requirement 112 now states It should be applied to all staff who have access to computing facilities that can connect to on-line materials. For the small number of residual staff, materials from the IG Training Tool can be downloaded and adapted for classroom sessions. Face-to-face training sessions are available with the IG Trainer, either centrally or at a specified location upon request. The training includes a Powerpoint presentation followed by a paper-based assessment equivalent to the assessments on the IGTT modules. 3.5 PC supported training sessions Where staff require support to complete the training online, PC based sessions are available with the IG Trainer either centrally or at a specified location upon request. 3.6 One-to-one training sessions One-to-one training sessions can be arranged with the IG Trainer for those with specific needs for whom group sessions would be unsuitable. 3.7 Information Governance Training Resources A selection of resources to support all methods of training can be found at: Informationgovernanceresources.aspx Page 6 of 15

7 These include: Copies of the basic training modules, including large print versions, available to download and print. An audio version of the IGTT Powerpoint presentation. A Managers Section, including an LPT version of the Powerpoint presentation and script that can be delivered to their team, as well as a copy of the Manager s Toolkit (password protected) to download. The Assessment should, ideally, be completed online, but exceptionally where this is not possible, hard copy versions of the Assessments are available on request from the IG Trainer for staff to complete and return, marked Confidential, either via (preferred) or internal post to: (tagged Confidential ): Mary.Stait@leicspart.nhs.uk Internal Post (sealed and marked Confidential ): Mary Stait, Information Governance Trainer, Information Governance Team First Floor North Lakeside House 4 Smith Way Grove Park Leicester LE19 1SX 3.8 In addition to options 3.1 to 3.7 (incl.) mentioned above, multiple resources are available from the Connecting for Health IGTT in the Resource Library, including audio role plays, presentations and printable word versions of many of the e- learning modules. 4.0 Claiming Time Back Where staff are unable to access online training at work, the option is available for them to complete the training outside of work via the Connecting for Health IGTT and to claim the time back as follows: Introduction to Information Governance = 1 hour Information Governance: The Beginner s Guide = ½ hour Information Governance: Refresher Module = ½ hour 4.1 If someone takes longer than this to complete the module and wishes to claim time back in excess of the above, the manager should contact the IG Trainer or The Academy, who can check the IGTT system to confirm how long the member of staff took to complete the module. Page 7 of 15

8 Training Needs Analysis IT skills Form Where managers are unsure of the IT skills of any member of their team, there is an IT Skills Form (Appendix 2) available for use to help identify the level of support required. 6.0 Additional Training for Key Roles (Recommended) Where additional modules are recommended for certain job roles within the Trust (Appendix 3), these should be completed via the Connecting for Health IGTT. 7.0 Modules Available on the IGTT for Personal Development A full list of all the modules available on the Connecting for Health IGTT can be found at Appendix 4. These are available for anyone to complete as part of their personal development. 8.0 Monitoring Compliance 8.1 Monthly reports on training compliance, including the mandatory basic IG requirement, are generated by The Academy and distributed to senior staff within the Divisions for cascading as appropriate within their areas: Adult Mental Health Division Adult Learning Disability Services Families, Young People & Children Division Hosted Services Department Name: The Academy Information Flow: Core Mandatory & Information Governance Training Compliance Report Mapping Date: 11 April Enabling Services Community Health Services Division Medical Staff 8.2 Compliance is shown as follows: In date Nearly out of date Out of date 8.3 Managers should use these reports to identify staff whose compliance is Out of date or Nearly out of date and to ensure staff make appropriate arrangements to update their training. 8.4 Where staff are required to complete additional modules, managers should request to see a copy of the relevant Certificate produced from the Connecting for Health IGTT, or contact the IG Trainer or the Academy who can confirm their compliance. Page 8 of 15

9 9.0 Training Evaluation 9.1 Criterion within the IG Toolkit Requirement 112 states Action is taken to test and follow up staff understanding of IG Providing staff with IG training does not provide sufficient assurance that they have understood their IG responsibilities. 9.2 The Trust must provide evidence to show that training is impacting in the workplace. Evidence required by the IGT includes: Compliance monitoring forms, audit checklists or a report on the outcome of staff compliance checks. 9.3 To comply with this requirement a Random Spot Check Questionnaire (Appendix 5) has been developed that managers will be asked to complete Information Matters Newsletter An Information Governance Newsletter Information Matters will be published quarterly to support the embedding of information governance across the Trust and to highlight key topics and learning. It will also offer the opportunity to test staff knowledge of IG, by including quizzes and puzzles from time to time for staff to complete and submit to the IG team Further Information and Support Further information and support on any aspect of information governance is available from the IG Team: Sam Kirkland, Records Transformation & Information Governance Manager Tel: Sam.Kirkland@leicspart.nhs.uk Mary Stait, Information Governance Trainer Tel: Mary.Stait@leicspart.nhs.uk Neill Bolderston, Healthcare Records Manager Tel: Neill.Bolderston@leicspart.nhs.uk Kim Dawson, Clinical Coding Manager Tel: Kim.Dawson@leicspart.nhs.uk Kalpna Mistry, Information Requests Officer Tel: Kalpna.Mistry@leicspart.nhs.uk Page 9 of 15

10 TRAINING NEEDS ANALYSIS APPENDIX 1 LPT Job Role Accountant Adviser Analyst Apprentice Art Therapist Manager Assistant Assistant Psychologist / Psychotherapist Associate Specialist Board Level Director Building Officer Chaplain Chief Executive Chiropodist/Podiatrist / Manager Clerical Worker Clinical Director / Officer / Psychologist Community Nurse / Practitioner Consultant Cook Dietitian Engineer Finance Director General Medical Practitioner Health Care Support Worker / Assistant / Scientist Helper/Assistant Housekeeper Interpreter Maintenance Craftsperson Manager Medical Secretary Modern Matron Multi Therapist / Specialist Practitioner Nurse Consultant / Manager Nursery Nurse Occupational Therapist / Manager Officer Personal Assistant Pharmacist Phlebotomist Physiotherapist / Manager / Specialist Practitioner Play Specialist Porter Psychotherapist Receptionist Researcher Salaried General Practitioner Secretary Senior Manager Sister/Charge Nurse Social Care Support Worker Specialist Nurse Practitioner Specialty Doctor Speech and Language Therapist / Manager / Specialist Practitioner Staff Nurse Student: Dietitian/Health Visitor/Nurse/Practice Nurse/School Nurse Supervisor Support Worker Technical Instructor Technician Introduction to Information Governance Information Governance: The Beginners Guide Page 10 of 15

11 APPENDIX 2 Information Governance Training Training Needs Analysis (TNA) Questionnaire The purpose of this questionnaire is to help your manager determine your training needs for accessing Information Governance training, so we ask that you answer the following questions openly and honestly in order for us to fully meet your requirements. The information will be used to help us understand your current IT skill level and enable us to offer you the appropriate training: Name: Department: Contact Tel: Job Role: Based at: Line Manager: Date: Please tick the following boxes that apply to you: Do you know how 1 to log on and off a PC Yes No Do not understand question 2 to use a mouse the functions of the left and right mouse buttons differ to minimise and maximise the window you are working on to open and close applications e.g. Word, Outlook etc. 6 to use the intranet (esource) and the internet Many thanks for taking the time to complete this questionnaire, your co-operation is appreciated. Please return the form to your line manager. Page 11 of 15

12 TRAINING NEEDS ANALYSIS KEY ROLES Purple = Recommended (Occupational/Required by Job Role) Caldicott Guardian The Caldicott Guardian in the NHS and social care APPENDIX 3 Information Governance Manager Access to Health Records NHS Information Risk Management for SIROs and IAOs Records Management in the NHS The Caldicott Guardian in the NHS and social care Healthcare Records Manager Access to Health Records Patient confidentiality Records Management and the NHS Code of Practice Records Management in the NHS Information Requests Officer Access to Health Records Patient confidentiality Records Management and the NHS Code of Practice Records Management in the NHS Information Governance Trainer Access to Health Records NHS Information Risk Management: Foundation Patient confidentiality Records Management and the NHS Code of Practice Records Management in the NHS SIRO - Senior Information Risk Owner IAO - Information Asset Owner IAA - Information Asset Administrator NHS Information Risk Management for SIROs and IAOs Information Risk Manager NHS Information Risk Management for SIROs and IAOs Information Security Officer/Lead or support Information Security Guidelines Information Security Management Access to Health Records Management Access to Health Records Records Management and the NHS Code of Practice Records Management in the NHS Secure Transfers of Personal Data Page 12 of 15

13 APPENDIX 4 List of All Modules available on the Connecting for Health IGTT Level Title Estimated Duration Refresher Module (1 resource) Introductory Information Governance: The Refresher Module 0.5 Confidentiality & Caldicott (4 resources) Foundation The role of the Caldicott/IG Lead in General Practice 1.0 Foundation Patient confidentiality 1.0 Practitioner The Caldicott Guardian in the NHS and social care 1.0 Introductory Secure Handling of Confidential Information 1.0 Embedding informatics in the NHS (3 resources) Level Title Introductory Clinical Information Systems 0.5 Introductory ehealth: the future direction 0.5 Introductory The language of health, clinical coding and terminology 0.5 Independents / Third Sector (2 resources) Introductory Information governance for pharmacy staff 0.5 Introductory IG for Dental Practices 0.5 Information Governance for NHS CFH Staff (2 resources) Introductory Introduction to Information Governance for NHS CFH Staff 1.0 Introductory Introduction to Information Security Guidelines for NHS CFH Staff 0.5 Information Governance and IG Management (5 resources) Introductory Introduction to IG for General Practice 2.0 Introductory Introduction to Information Governance 1.0 Introductory Information Governance: The Beginner's Guide 0.5 Introductory Information Governance for Medical Secretaries 0.6 Introductory Access to information and information sharing in the NHS 0.5 Information Risk Management (3 resources) Introductory NHS Information Risk Management: Introductory 1.0 Foundation NHS Information Risk Management: Foundation 1.0 Introductory NHS Information Risk Management for SIROs and IAOs 1.0 Information Security (5 resources) Introductory Password Management 0.5 Introductory Information Security Guidelines 1.0 Foundation Secure Transfers of Personal Data 1.5 Foundation Information Security Management 1.0 Foundation Business Continuity Management 2.0 Records Management (5 resources) Foundation Records Management and the NHS Code of Practice 0.5 Practitioner Records Management in the NHS 0.5 Practitioner Access to Health Records 0.5 Introductory The importance of good clinical record keeping 1.0 Foundation Record keeping standards for hospital inpatients 1.0 Page 13 of 15

14 APPENDIX 5 Direct dial: (0116) mary.stait@leicspart.nhs.uk Ref: IGT112/ms Date: Information Governance Random Spot Check Questionnaire A University Teaching Trust Lakeside House 4 Smith Way Grove Park Enderby Leicester LE19 1SS Tel: Fax: Dear Manager, The objective of this questionnaire is to check staff awareness of information governance in the workplace, in accordance with the Information Governance Toolkit Requirement 112 Information Governance awareness and mandatory training procedures are in place and all staff are appropriately trained. Your area has been chosen this year as part of a random selection across the Trust and you are asked to complete the following questionnaire and return it to us by... It should take only a few minutes to complete. Please answer the following questions for your area of responsibility: 1. How many staff do you have managerial responsibility for? If none, please enter 0 and return the questionnaire immediately. 2. Of these, how many have successfully completed their Information Governance training in the last 12 months? If you are unsure, please contact your Clinical Governance Lead, the Academy, or the IG Trainer. 3. Do you implement a clear desk policy, i.e. are records put away when not in use? If you have a local procedure/policy please send a copy of it with your response. 4. If your staff handle personal information in paper format, is access to it restricted? If yes, please explain how, e.g. key coded locks on doors, locked with sign-in/sign-out access, lockable cabinets etc. 5. Do staff use a tracking system if records leave the department? If yes, what kind of system do you use? (*please circle) *Manual / Electronic 6. If staff fax personal information, do they receive positive confirmation it has been received by the recipient (not just the fax record showing which number it was sent to)? The Trust Data Protection Policy details the Fax back process. Please confirm with staff whether this is used when faxing personal information. If not, please implement this immediately in your area. Page 14 of 15

15 Please take a walk round your department. 7. How many computers are there in your department? 8. How many of these computers are currently unattended and unlocked? Please ask available staff the following questions as you walk round: 9. If you found a set of medical records left unattended in a public area, would you: Leave the records there, assuming whoever left them would return to collect them? Hand the records to an appropriate manager? Complete an incident report form? How many staff did you ask? Of those, how many staff would Leave the records there, assuming whoever left them would return to collect them? Hand the records to an appropriate manager? Complete an incident report form? 10. Do you know who the Trust s Caldicott Guardian is? How many staff know who the Trust s Caldicott Guardian is? How many staff do not know who the Trust s Caldicott Guardian is? 11. If you received a request from someone asking how much the Trust spends each year, would you know what to do or who to contact? How many staff would know what to do or who to contact? How many staff would not know what to do or who to contact? Please send your completed questionnaire to: Mary Stait, Information Governance Trainer, FFN, Lakeside House, 4 Smith Way, Grove Park, Leicester LE19 1SX Thank you very much for your co-operation. Sam Kirkland, Records Transformation and Information Governance Manager Page 15 of 15