1 / 22

Information Governance – Who Cares?

Information Governance – Who Cares?. Alistair Stewart Information Governance Co-ordinator. Key Learning Points. What is Information Governance? What do YOU need To Do to make this work? Follow the Caldicott Guidelines Provide a confidential service – Corporate and staff responsibility

dooley
Download Presentation

Information Governance – Who Cares?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Information Governance – Who Cares? Alistair Stewart Information Governance Co-ordinator

  2. Key Learning Points • What is Information Governance? • What do YOU need To Do to make this work? • Follow the Caldicott Guidelines • Provide a confidential service – Corporate and staff responsibility • Comply with the Law • Understand the Data Protection Act Principles • Recognise a Freedom of Information Act request • Follow the rules set out in Policies • Keep Information Secure as you would your own personal details • Strive for accuracy in recording and using information

  3. Information Governance “Information governance aims to support the provision of high quality care by promoting the effective and appropriate use of information.” • Confidentiality • Data Protection • Information Security • Records Management • Freedom of Information • Data Quality Assurance IG is to do with how the NHShandles information

  4. Handling information means: • Holding it securely and confidentially • Obtaining it fairly and efficiently • Recording it accurately and reliably • Using it effectively and ethically • Sharing it appropriately and lawfully

  5. Caldicott Principles • Principle 1- Justify the purpose(s) • Principle 2 -Don’t use patient-identifiable information unless it is absolutely necessary. • Principle 3 - Use the minimum necessary patient‑identifiable information. • Principle 4 - Access to patient‑identifiable information should be on a strict need to know basis. • Principle 5 - Everyone should be aware of their responsibilities. • Principle 6 - Understand and comply with the law

  6. Data Protection Principles • Fairly and lawfully processed • Processed for limited purposes • Adequate, relevant and not excessive • Accurate and up to date • Not kept for longer than is necessary • Processed in line with rights of the individual • Kept Secure, and • Not transferred to countries without adequate protection.

  7. It is your responsibility to keep all personal and sensitive information secure Keep Information Secure • Adhere to all Organisation Policies • Adhere to all local and national Information Security Policies • Protect Information Physically • Practice Password Management • Transfer Information Securely • Report all actual and attempted breaches of Securityto Management immediately

  8. Primary Care IG Baseline Benchmarking Information Governance and Data Quality Standards, Directed Enhanced Service, circular PCA(M)(2007)11 All practices should: • be compliant with a basic list of standards for information governance • have completed and implemented an action plan (agreed with the host NHS Board) on how they will improve data quality and information governance

  9. Regulator powers: Data Protection • Privacy Impact Assessment (PIA) • DP registration changes • Extended Powers & Penalties • Fines – up to £500,000 for reckless breaches • Enhanced powers of inspection • Prosecution -prison sentences for s55 offences • Wilful or reckless breach of the DP Principles leading to damage or distress http://www.ico.gov.uk

  10. Regulator changes: Freedom of Information • Model Publication Scheme consultation • Sets out types of information routinely made available by a public authority. • Should specify classes of information, how available, and if charge. • Extension of the Act consultation • Review of exemption briefings http://www.itspublicknowledge.info

  11. Developing & Implementing Fully Implemented Changes Implemented Continuous Improvement Cycle Evaluation & Monitoring NHS Scotland IG programme • Standards & Toolkit • Communications & Networks • Education & Training • Knowledge Base • National IG Framework of Policies & Guidelines

  12. National IG Guidance • NHS Scotland Code of Protecting Patient Confidentiality (reviewed) • Caldicott Guardians Manual (reviewed) • Caldicott Guardians Website available at http://www.knowledge.scot.nhs.uk/caldicottguardians.aspx • Looking After Information: Staff Awareness leaflet produced • Refreshed NHS Scotland Code of Practice in Records Management -Health and administrative records into single document IG is a series of best practice guidelines and principles of the Law to be followed by the NHS

  13. Ongoing national IG activities • Training requirements and awareness raising tools for NHSS staff • Information Sharing Protocol (review) • Evidence base for IG Standards • Forum networking meetings IG is the core foundation for high quality healthcare using good quality information

  14. Training and Awareness • Looking after information leaflet • DOTS module – scenario based • Flying Start – modular based • Medical Records material • On-line package

  15. Further Information Specialist e-Library – Knowledge Network http://www.knowledge.scot.nhs.uk IG Portal - IG Bulletin http://www.elib.scot.nhs.uk/portal/ig/pages/index.aspx eHealth Website http://www.ehealth.scot.nhs.uk/

  16. Contacts NHSS IG Team: NSS.infogov@nhs.net Alistair Stewart, Information Governance Co-ordinator, NHSS Alistairstewart@nhs.net Kim Kingan, Information Governance Lead, SGHD Kim.Kingan@scotland.gsi.gov.uk David Armstrong, Enterprise Architect-Security, SGHD David.Armstrong@scotland.gsi.gov.uk Robert Bryden, Records Management Lead, SGHD Robert.Bryden@scotland.gsi.gov.uk

  17. Could This Happen To You? • Records stored in corridors • Patient records removed from premises • Password attached to IT equipment • Computers stolen from Office • Disc lost in mail containing personal information • Lost Payslips • Lost memory stick

  18. Potential Breaches

  19. Discussion Consider your workplace in relation to the breaches shown and highlight any potential problem area. What solutions are available to you to reduce the risk?

  20. Information Governance - Is the responsibility of every NHS Employee so let’s aim together to be 100% compliant and show that WE CARE

  21. Question time….

More Related