
1 SH IG 43 Registration Authority for Smartcard Access to National Programme Systems Version 4 March 2018

SH IG 43 Registration Authority Policy for Smartcard Access to National Programme Systems, Version 4

Summary:

This document describes the policy for the operation of the Registration Authority (RA) for National Programme Systems within Southern Health NHS Foundation Trust. The document outlines the roles and responsibilities of the main parties in the RA and sets out the principles and governance surrounding use of Smartcards.

Keywords (minimum of 5): (To assist policy search engine)

Smartcard, Registration Authority, RA Agent, Smartcard Champion, Card Reader, Role Based Access Control (RBAC), RiO Smartcard, ESR, Passcode.

Target Audience:

Spine Compliant IT System Users and identified Post Holders within the policy

Next Review Date: March 2019

Approved and Ratified by:

Information Governance Group – Chair approval

Date of meeting: 13th March 2018

Date issued:

March 2018

Author:

Angela Gadsdon, RA Coordinator.

Sponsor:

Helen Albericci, RA Manager.


Version Control

Change Record (Date, Author, Version, Page, Reason for Change)

February 2014, Ratiel Gapa, Version 2: RA policy has been reviewed as follows: Reference to Connecting for Health amended to Health and Social Care Information Centre (HSCIC), updated links to national documents, included Integrated Identity Management (IIM) in glossary, removed RiO project RA lead from RA Membership, replaced Strategic Health Authority RA Manager with regional RA Manager, removed reference to RiO MH and Community and replaced with reference to ‘RiO’, included role of PBAC in assigning access, included permission to use passport size photographs in 5.3, amended policy renewal frequency to annual, included updated Terms of Reference (replaced Operational Directorate Representatives with Service reps), updated Smartcard access application forms, included updated Smartcards handover document with return address, and updated Security policy to include RA laptop and to change total number of Smartcard printers from 5 to 7.

February 2015, John Hutchence, Version 3, pages 7-11: Update of responsibilities for RA staff in line with the national RA policy.

February 2018, Angela Gadsdon, Version 4: RA Policy has been reviewed as follows. Updated links to The Care Record Guarantee, NHS Confidentiality Code of Practice and the Registration Authorities Operational Process and Guidance. EMIS and System One added to list of systems used. Reference to Health and Social Care Information Centre (HSCIC) amended to NHS Digital. Reference to User Identity Manager (UIM) amended to Care Identity Service (CIS). Update to 5.14 Temp Access Cards – no longer used within the Trust. Updates to Appendices 2A, 2B and 3.

Reviewers/contributors

Name, Position, Version Reviewed & Date

Amanda Goodwin RA Manager V1 – July 2012

Jackie Brodhurst RA Manager V1 – July 2012

RA Members V1 – October 2012

Sharon France IG Manager V1 – August 2012

Rachel Gray Records Manager V1 – August 2012

John Hutchence RA Coordinator V3 – February 2015

Angela Gadsdon RA Coordinator V4 – March 2018


Contents (with page numbers)

1. Introduction 4
2. Scope 5
3. Definitions 5
4. Duties/responsibilities of the Registration Authority (RA) 6
4.1 Caldicott Guardian and Senior Information Risk Officer (SIRO) 6
4.2 RA Membership 7
4.3 RA Manager 7
4.4 RA Coordinator 8
4.5 RA Administrator 9
4.6 RA Agent (Smartcard Champion) 10
4.7 Card Unlocker 11
4.8 Privacy Officer 11
5. Policy of the RA 11
5.1 Access to RA information 11
5.2 Smartcard Access Application form 11
5.3 Smartcard photographs 12
5.4 Handover of Smartcards 12
5.5 Change of Smartcard Access 12
5.6 Change of name 12
5.7 Leavers 12
5.8 Cancelled Smartcards 13
5.9 Long-term absence 13
5.10 Lost or stolen Smartcards 13
5.11 Passcode Maintenance 13
5.12 Smartcard certificate renewal 13
5.13 Students, locum and other temporary staff 14
5.14 Smartcard incident reporting 14
5.15 Other related processes 15
5.16 Security (Administration, Data Protection and Records) 15
5.17 RA Reports 16
5.18 Contingencies 16
5.19 Security of Smartcards 17
5.20 Accountability 17
6. Training requirements 17
7. Monitoring Compliance 17
8. Policy Review 17
9. Associated documents 17

Appendices

A1 RA Terms of Reference (TORs) 18
A2a Application for Smartcard Access form – direct hires 19
A2b Application for Smartcard Access form – indirect hires 20
A3 Smartcard Handover Document 22
A4 RA Security Policy 25
A5 Clear Desk, Clear Screen, Smartcard Maintenance 26
A6 Training Needs Analysis (TNA) 27
A7 Equality Impact Assessment (EqIA) 28


Smartcard Access to National Programme Systems Policy (Registration Authority Policy)

1. Introduction

NHS Digital launched the Care Identity Service (CIS) in February 2015, introducing new Authentication, Directory and Smartcard Identity Registration services for secure access to Health and Social Care data.

This service replaced the former spine identity management service (UIM and CMS) and is currently being used by RA (Registration Authority) Managers (RAMs) and their RA staff (RA Agents, Sponsors, ID Checkers and Local Smartcard Administrators) in each of the RA Service Provider Organisations who manage Smartcard access for 1.1 million Smartcard holders/healthcare professionals across the country.

This has been done to provide a live, interactive patient record service accessible 24 hours a day, seven days a week, by health professionals working across all health sectors. Access to these computer applications will be strictly controlled in order to maintain the confidentiality of the data contained within.

A national system for registering end-users has been established, comprising a hierarchy of Registration Authorities that culminates in the devolution of responsibility for authorising and registering individual staff as end-users to the employing authority. Accordingly the Trust is required to set up a Registration Authority (RA) of its own to undertake this function.

All staff requiring Smartcard access must be registered. This involves producing personal identification and having a photograph taken. This is in line with the national objective of enhancing the security of patient and clinical information. The Trust will use its own RA to manage registrations and the issuing of Smartcards. Smartcard access will only be enabled following successful completion of the relevant system’s training. The combination of Smartcard and Passcode forms the basis of user authentication and logon.

Smartcard access is based on Role Based Access Control (RBAC). RBAC refers to the national policy that provides the framework and architecture to link the user, the system (or application), and the national Spine, which stores patient demographic information amongst other purposes. As a framework RBAC aims to help deliver a specific commitment contained in the NHS Care Record Guarantee, which is to show only those parts of a patient record needed to deliver care. The Registration Authority will need to comply with the following:

The Care Record Guarantee https://digital.nhs.uk/media/329/Care-RecordGuarantee/pdf/Care_Record_Guarantee

NHS Confidentiality Code of Practice https://www.gov.uk/government/publications/confidentiality-nhs-code-of-practice

Registration Authorities Operational Process and Guidance https://digital.nhs.uk/media/842/RA-ops-and-guidance/pdf/RA_ops_and_guidance


2. Scope

This document describes the policy for the operation of Southern Health NHS Foundation Trust (hereafter referred to as the Trust) RA and outlines the roles and responsibilities of the main parties in the RA. The use of the word ‘staff’ in this document means people who are directly employed by the Trust or those contracted by the Trust to provide services or those who work in partnership as part of an integrated or joint team. This Policy applies to all processes, procedures and activities carried out by the RA in relation to the following systems used in the Trust, which require Smartcard access:

RiO

Electronic Staff Records (ESR)

National Health Service Spine Portal

Choose and Book (CAB)

EMIS

System One

3. Definitions

Electronic Staff Records (ESR) interface is the link between ESR and CIS developed to ensure consistency of data between the two related systems.

Care Identity Service (CIS) is the RA system that enables production and management of Smartcards.

NHS Digital has replaced Health and Social Care Information Centre (HSCIC) as the national provider of information, data and IT systems for commissioners, analysts and clinicians in health and social care.

Data Security and Protection Toolkit (DS&PT) is a performance tool produced by the Department of Health (DH). It draws together the legal rules and central guidance set out above and presents them in one place as a set of information governance requirements.

Integrated Identity Management (IIM) refers to the merging of RA and HR procedures to improve processes and remove duplication of effort.

Position Based Access Control (PBAC) is the access framework that involves advance creation of access positions which can be assigned to users depending on what their role is in an organisation.

Registration Authority (RA) is any entity that is appointed by the Executive of an NHS organisation as being responsible for the identification and authentication of applicants for Smartcard access.

Role Based Access Control (RBAC) is the access framework that involves creating an access profile per user.

Senior Information Risk Officer (SIRO) is an executive who is familiar with and takes ownership of the organisation’s information risk policy and acts as advocate for information risk.

Ulysses Safeguard is the online incident reporting system.


Care Identity Service (CIS) replaced the User Identity Manager (UIM) system in February 2015 and performs the same function of managing smartcard access control. User’s Unique Identification (UUID) is the unique number identifying a user of Spine Compliant Applications. It is the long number that appears on a Smartcard.

4. Duties / Responsibilities of the Registration Authority (RA)

The RA is responsible for ensuring that:

All aspects of registration services and operations are performed in accordance with National Policies and procedures;

Procedures are in place that enable control over issuing of Smartcards, while providing an efficient and responsive service that meets the needs of the users;

National Registration processes are adhered to in full as specified in Registration Authorities Operational Process and Guidance;

RA forms are appropriately used;

Resources are available to operate the registration processes in a timely and efficient manner to meet the Trust organizational requirements;

RA Team Members are adequately trained and are familiar with the local and national RA Processes;

Any local processes developed are adhered to in full, updated as and when required, communicated to RA members and are integrated with other local policies and procedures;

RA Members are sensitive to the Data Protection Act 1998 and the NHS Code of Practice on confidentiality;

Regular audits of processes and procedures are undertaken.

4.1 Caldicott Guardian and Senior Information Risk Officer (SIRO)

The Trust’s RA reports to the Information Governance Group (IGG) which is chaired by the SIRO and attended by the Caldicott Guardian. While the Caldicott Guardian has an advisory role regarding all matters of patient confidentiality and information sharing, the SIRO is responsible for:

Ensuring that the work of RA is appropriately monitored;

Ensuring members of staff are aware of the importance of secure working practices in respect of their Smartcards;

Ensuring there is effective governance in place so that the system access assigned to staff is appropriate to the role/s.


4.2 RA Membership

As outlined in RA Terms of Reference (Appendix 1) the following are members of the Trust’s Registration Authority tasked with ensuring delivery of Trust RA responsibilities:

Operational Divisional Representatives

RA Manager (Chair)

HR representative

Head of Information Assurance

RA Coordinator

The day to day RA function is supported by the following:

4.3 RA Manager

The Trust’s Registration Authority Managers (RAMs) are appointed by the Trust Chief Executive. Notice of RAM appointment or termination must be communicated to the Regional RA Manager. The RAMs are responsible for:

Receiving reports of relevant incidents from the Risk Department for report back to the IGG as per Trust’s Managing Incidents and Serious Incidents (SI) (NCP 16).

Assignment of RA Agents and Sponsors and the registration and authorisation of RA Agents and Sponsors;

Ensuring that there are sufficient resources to operate the registration processes in a timely and efficient manner to meet the Trust’s responsibilities;

Ensuring that RA Agents request appropriate access for staff;

Ensuring that all RA Agents are adequately trained and are familiar with local and national RA policies and processes;

Ensuring that all Card Unlockers have the relevant unlocking access and can access the unlocking guide;

Ensuring that each user only has one Smartcard;

Making RA evidence submission to the IGTK;

Identifying areas where RA processes duplicate Trust business processes and instigate action to minimise duplication e.g. HR processes for starters, leavers, terminations, and approved leave;

Ensuring that all RA forms are stored in a safe, secure area. This is in accordance with the Data Protection Act 1998 and the Trust’s Records retention, Archiving and Disposal Procedure (IG 16);

Ensuring good working condition and availability of RA hardware and consumables.


Responsibility for running RA Governance in their organisation

Facilitation of the process for agreeing the organisation’s access control positions

Responsibility for ensuring that appropriate auditing is carried out

Responsibility for ensuring local processes are in place that meet policy and guidance for the creation of digital identities, production of smartcards, assignment of access rights, modifications to access and people and certificate renewal and card unlocking (the creation of these processes may be delegated).

4.4 RA Coordinator

Based in Human Resources the RA Coordinator (RAC) coordinates the activities of RA Agents. The main duties of the RAC are as follows:

Maintain the Trust RA policy and ensure all RA documentation remains valid, accessible and up to date;

Keep abreast of changes to RBAC and changes to national policy and communicate to relevant others;

Maintain and update categories of Smartcard access or Position Based Access Controls (PBACs) as authorised by the RA;

Ensure that RA Agents request appropriate access for staff;

Notify RAM changes to: [email protected];

Provide clear and concise training to the RA agents;

Provide clear and concise guidance to the RA Agents;

Ensure adherence to local and national procedures;

Compile and maintain a list of local RA Agents and Card Unlockers and ensure list is accessible to all;

Process requests in RA system Care identity Service (CIS) and create and issue Smartcards;

Attend to RA queries and issues;

Hold user group meetings for RA Agents to facilitate continued understanding of RA processes and provide refresher training;

Maintain a log of RA equipment and consumables;

Prepare RA evidence for IGTK submission;

Communicate regularly with RA Agents;


Attend bi-monthly RA Group meetings;

Carry out regular RA audits;

Create local processes that meet policy and guidance for the creation of digital identities, production of Smartcards, assignment of access rights, modifications to access and people, certificate renewal and card unlocking;

Verify users’ ID to e-GIF level 3 and NHS Employer standards;

Grant users their access assignments;

Ensure leavers from an organisation have their access rights removed in a timely way;

Raise service issues as appropriate and through the correct channels.

4.5 Registration Authority Administrator

Based in Human Resources the RA Administrator (RAA) will be required to assist the Registration Authority (RA) Coordinator with the following duties:

Register staff for Smartcards and take photographs where necessary;

Process RA requests in Care Identity Service (CIS);

Print and post Smartcards;

Maintain a log of issued Smartcards and ensure Smartcards are received on time;

Attend to RA queries via phone or email;

Liaise with other departments to follow up on urgent access queries;

Regularly update the Trust’s list of RA Agents and Smartcard Unlockers;

Receive leavers’ Smartcards for cancelling;

Follow up leavers and deactivate access;

Follow up with users to ensure that each user only has 1 Smartcard;

Follow up expired Smartcards and ensure cards are renewed or cancelled accordingly;

Where necessary synchronise RiO accounts to Smartcard user profiles;

Liaise with other departments to arrange Smartcard registration of groups of students and junior doctors;

Schedule RA Agent training on behalf of the RA Coordinator;

Ensure user details in CIS and the Electronic Staff Record (ESR) are consistent.


4.6 RA Agent

Also referred to as Smartcard Champions, RA Agents are nominated by the Services and approved by a RAM. It is expected that there will be an RA Agent in each team or unit that has Smartcard users. A list of the RA Agents will be maintained on the Trust’s staff website by the RA Coordinator. The RA Agent is responsible for:

Ensuring that all applicants for Smartcard complete the Smartcard Access Application form;

Checking and recording personal identification and confirmation of address documentation on the application form and verifying users’ ID to e-GIF level 3 and NHS Employer standards;

Taking photographs of staff for Smartcards where possible;

Raising RA requests on CIS to create a user, deactivate or close a leaver, suspend access, request replacement Smartcard, change of name, or change of access;

Issuing Smartcards to users;

Being familiar with Trust RA policy;

Accessing and using available user guides;

Being the first point of contact for all local Smartcard issues;

Promptly reporting all incidents of misuse to the manager;

Checking that the registration request has been authorised by the Manager;

Flagging any access discrepancies to the RA Coordinator or the RAM and ensuring that users, at the time of registration or when assigned a role in the organisation, comply with the terms and conditions of Smartcard usage;

Attending refresher training;

Unlocking Smartcards and assisting users to reset Smartcard Passcodes;

Helping users renew Smartcard certificates when they cannot do it on their own;

Ensuring leavers from an organisation have their access rights removed in a timely way;

Adhering to local processes that meet policy and guidance for the creation of digital identities, production of Smartcards, assignment of access rights, modifications to access and people, certificate renewal and card unlocking.


4.7 Card Unlocker

A Card Unlocker can unlock a Smartcard for all staff except RA Agents and RA Managers. The names of Card Unlockers are included in the list of RA Agents available from the staff website. Line managers can nominate a member of staff to be a Card Unlocker by way of email to the RA Manager or RA Coordinator.

4.8 Privacy Officer

The Privacy Officer is nominated by the Caldicott Guardian. The Privacy Officer receives and reviews Information Governance alerts generated automatically by the NHS Care Record Service (NCRS). Alerts are generated in response to the following actions:

A Smartcard user claims a legitimate relationship with a patient (self-claiming);

A Smartcard user overrides a patient’s dissent to NHS CRS information sharing and accesses sensitive personal data about the patient that is being maintained by another legal organisation;

A Smartcard user accesses sensitive personal data about the patient that is maintained by another legal organisation, where the patient has permitted that NHS CRS user to access their record from elsewhere;

A Smartcard user accesses information that has been ‘sealed’ at the patient’s request (unless the user or their workgroup created the seal or the sealed information);

A Smartcard user attempts to access address information within a patient’s record that has been flagged as sensitive on the Personal Demographics Service (this would always be unsuccessful as the address is protected).

5. Policy of the RA

5.1 Access to RA information

This policy and other RA information are available from the Trust staff website (http://www.southernhealth.nhs.uk/workday/it/smartcards/) which is maintained and regularly updated by the RA Coordinator. Card Unlockers and RA Agents must login with their username and password to access the full range of process guides.

5.2 Smartcard Access Application form

Anyone requiring Smartcard access must complete the Smartcard Access Application form. There are two versions of the application forms.


Appendix 2a is for directly employed staff whose Smartcard applications are processed at recruitment stage. Appendix 2b is for staff not directly employed by the Trust whose Smartcard applications should be processed by the local RA Agent. Once registration is complete and Smartcard access is requested via CIS the forms must be filed locally in a secure location, preferably together with other personnel documents unless a form needs to be forwarded to Central RA for further processing. In line with national Position Based Access Control (PBAC), providing systems training has been completed, Smartcard access is assigned on the basis of an individual’s job role or Electronic Staff Records (ESR) position title.

5.3 Smartcard photographs

A Smartcard must bear a photograph of the user. Unless a camera is being used to take a photograph, each applicant should present to the RA Agent two passport-size photographs. Where a user is not known, and is in possession of a Smartcard issued by another Trust, and doubt exists about the accuracy of a Smartcard photograph, it may be necessary for an RA Agent or RA Manager to see original personal identification.

5.4 Handover of Smartcards

For all systems that require Smartcard access, particularly RiO, Smartcards must be issued to users after successful completion of training. The Smartcard Handover Document (Appendix 4) must be signed by the user to confirm receipt of the new Smartcard as well as acknowledging the Trust’s conditions for using a Smartcard. Signed handover documents should be filed locally in a secure location, preferably together with other personnel documents.

5.5 Change of Smartcard access

All requests to change Smartcard access must be submitted to the local RA Agent, who will request the access change using CIS.

5.6 Change of name

Staff must provide documentary evidence, e.g. a marriage certificate, when requesting a change of legal name.

5.7 Leavers

Leavers moving to another NHS organisation

A user transferring to another NHS organisation should retain their Smartcard. Any access held with the Trust must be deactivated using CIS.


If the leaver is an RA Manager, RA Agent or Card Unlocker arrangements should be made for a successor. A request must be made to remove staff from the distribution list by sending an email to [email protected].

Leavers not moving to another NHS organisation

Smartcard profiles of leavers with no intention of joining another NHS organisation must be closed off using CIS and their Smartcards cancelled. Smartcards should be handed back to the local RA Agent who must forward it to the RA Coordinator.

5.8 Cancelled Smartcards

All cancelled Smartcards should be forwarded to Central RA for destruction. To destroy a Smartcard, either fold the Smartcard so the crease goes through the chip, cut the Smartcard through the chip, or hole-punch the Smartcard through the chip.

All unused Smartcards must be returned to the RA Coordinator.

5.9 Long-term absence

Individuals away or expected to be away from work for more than 3 months will have their Smartcard access deactivated. Access will be restored upon their return to work.

5.10 Lost or stolen Smartcards

Lost or stolen Smartcards fall under incident category ‘Yellow’ and must therefore be reported as an incident via Ulysses and a replacement request made via the local RA Agent. Repeated loss of a Smartcard may result in disciplinary action and a charge may be levied.

5.11 Passcode Maintenance

Smartcard Passcodes should be between 4 and 8 characters, alphanumeric and upper/lower case. Smartcard unlocking must only take place in the presence of the user, who will be required to create a new Smartcard Passcode. In line with the Trust’s PC login policy, users are encouraged to change their Smartcard Passcode every 90 days using the Self Service Portal.

5.12 Smartcard Certificate Renewals

Smartcards have certificates that expire every 2 years. When prompted, users can renew their own Smartcards using the Self Service Portal in CIS. In the 30 days prior to certificate expiry users receive an alert once a day. Upon receiving this message users can choose to renew their certificates at that time or decline and renew later.

When certificates are within 20 days of expiry, users will be forced to renew. If a user fails to renew their Smartcard within the stipulated period as prompted, the Smartcard will expire and only an RA Agent or RA Manager can renew it during a face to face meeting.


5.13 Students, locum and other temporary staff

Locum and other temporary staff may hold Smartcards if they have worked for other NHS organisations where the use of a Smartcard was required.

Where a user has been issued with a Smartcard by another Trust the RA Agent must establish a likeness between the user and the Smartcard photograph. If any doubt exists the user will be required to show personal identification. Locum and other temporary staff, if not already registered, can be registered by the local RA Agent. Medical HR is responsible for coordinating Smartcard registrations of all new medical staff. Only students on assessed practice placement of 5 weeks or longer will need to have access to RiO. Managers must take into account the length of engagement when considering whether or not to request Smartcard access for a temporary member of staff.

5.14 Smartcard Incident Reporting

All staff employed by or working in partnership with the Trust have a duty to report untoward incidents regarding Smartcard access or Smartcard use where staff feel there is a risk to service users, health and confidentiality or Trust reputation. When a Manager is made aware of Smartcard misuse the local RA Agent should be instructed to immediately submit a request to the RA Coordinator to cancel the user’s Smartcard. The user must be instructed to terminate any active access sessions. An incident must be raised using normal reporting channels. Smartcard misuse refers to a breach in the conditions of use and/or associated user privileges to include:

Smartcard sharing;

Smartcard or application misuse;

Smartcard theft;

Repeated loss of Smartcard (a charge may be levied);

Non-compliance with local or national RA policy;

Any unauthorised access of Spine Compliant Applications;

Any unauthorised access of service user records on RiO;

Any unauthorised alteration of service user data.

The Manager should report the incident to the SIRO and Human Resources for investigation. After investigation Human Resources and the SIRO will recommend further action to be taken. The SIRO may refer to the IGG to decide whether Trust systems or working practices should be reviewed as a result and whether the matter should be reported to the Trust Board. RiO users must be aware that access to the system may be audited in line with agreed Trust processes. Following an audit, any breaches must be reported as an incident via Ulysses, the Trust’s Safeguard online reporting system (https://risk.southernhealth.nhs.uk/).


Major security breaches must be reported by the Trust RAM to the Regional RA Manager to ensure any risks resulting from the event can be taken into account and mitigated against.

5.15 Other Related Processes

The Trust must ensure that processes supporting the identification, registration and management of end users are integrated with other Trust processes as appropriate (for example, the recruitment process, starters and leavers and the Trust’s Disciplinary Procedure). RA Policy and RA procedures are subject to audit by internal and external auditors. Audits would typically cover:

the issue of Smartcards

the management of Smartcards

the profiles associated with users in relation to what they do

the use of Smartcards

the use of systems requiring Smartcard access

identity management

security of supplies and equipment

5.16 Security (Administration, Data Protection and Records)

The Trust has designated the RAMs to be responsible for all administrative processes and ensuring compliance with the NHS Digital policies and associated requirements. All documentation and photographic information concerning registration identity must be kept in accordance with Trust Policies. This documentation is auditable. All information relating to the verification of identity is to be treated as strictly confidential and used only for the intended purpose. Records and documentation required for evidence and used for authentication must be retained in accordance with the DoH’s Records Management Code of Practice for Health and Social Care (April 2016). The following text is reproduced from the retention requirements of Establishment Records – Major, a category that includes personnel files:

Keep for 8 years after individual leaves service, at which time a summary of the file must be kept until individual’s 70th birthday.

The following guidance is also applicable to the retention of identification information for NHS level 3 authentications:

Where practical, file copies of the supporting evidence should be retained. Alternatively, the reference numbers and other relevant details of the identification evidence obtained should be recorded to enable the documents to be obtained again.

Any misuse of information by staff whose role includes RA elements will be dealt with under the Trust’s Disciplinary Procedure. It is a criminal offence to pass registration identity information to anyone who is not entitled to receive it and could result in prosecution.


In line with the Clear desk, clear screen policy (Appendix A5) Smartcards must be removed from card readers when users are away from their desks to avoid possible Smartcard misuse, loss or theft.

5.17 RA Reports

Using the Enhanced Reporting Service (ERS) the following 4 standard reports can be produced:

Registered Organisation Persons (Displays details of all registered users);

Unused User Accounts (Displays registered users who have not used their Smartcards);

Users with Smartcards (Displays all registered users with Smartcards);

Users without Smartcards (Displays all registered users who do not have Smartcards).

Additional ad hoc reports can be created. It is important that these reports (which contain user information such as name or UUID) are:

Only accessible by RA staff, HR staff with RA responsibilities, or by those who are directly involved in enabling Smartcard access;

Protected from non RA users in keeping with current guidance on person identifiable data;

Only circulated between RA managers and RA agents, kept physically secure and when no longer needed are disposed of confidentially.

RA managers and agents can use the reporting capabilities to actively manage the quality of registrations and access profiles associated with users in their organisation, and in partnership with others use them as a benchmarking tool. Some examples of the quality criteria to be managed are:

Verification that users with access profiles still require these access profiles;

Verification that only 1 Smartcard is issued to each user;

Verification that each user has only 1 Smartcard profile;

The range of access given to particular user groups.

Reports should be periodically produced to monitor and improve the quality of RA information.

5.18 Contingencies

If an RA Agent is unavailable to attend to a Smartcard issue it is reasonable for the user to approach the nearest alternative RA Agent for assistance. Communication between teams is important to ensure there is agreement.

The RAC is on standby to provide cover where no other RA Agent is available. RA Agents can ‘buddy-up’ to help each other with any RA processes such as Smartcard registrations for groups of people.


5.19 Security of Smartcards

Access to unused Smartcards will at all times be restricted. Used and unused Smartcards will be maintained by the RA. RA Security Policy in Appendix 5 below details arrangements to secure RA equipment.

5.20 Accountability

It is the responsibility of Managers to ensure that all Smartcard users adhere to this policy. Any failure to adhere to this policy may result in disciplinary action against the user.

6. Training Requirements

All RA members must be provided with appropriate training. User group meetings will be held periodically to offer refresher training to RA members.

7. Monitoring Compliance

As outlined in the Terms of Reference, the Trust’s RA is responsible for monitoring compliance.

8. Policy Review

This policy will be reviewed on an annual basis.

9. Associated Documents

See appendices 1 to 5.


Appendix 1 REGISTRATION AUTHORITY - TERMS OF REFERENCE

Reports to: Information Governance Group

Membership: Divisional Representatives, RA Manager (Chair), Information Governance Manager, Systems Support RA Lead, ICT Security Specialist, RA Coordinator

Links to: RiO project team meetings

Meeting frequency: Bi-monthly

Quorum: For decision making purposes at least one RA Manager, RA Coordinator, Information Governance Manager and 1 Divisional representative.

Purpose: To support the delivery of the Registration Authority responsibilities of the Trust to ensure compliance with national standards and guidance.

Tasks:

1. To be responsible for and periodically review the Registration Authority Policy.

2. To set, agree and review standards to apply within the Trust and monitor compliance against those standards.

3. To define a rolling work programme to ensure the delivery of RA responsibilities, agree roles within and monitor its progress.

4. To support any RA project work streams.

5. To act as a steering group and delegate appropriate tasks/projects to other groups as agreed.

6. To make recommendations and provide evidence to ensure RA requirements are compliant with the Information Governance Toolkit standards.

7. To agree definitions / interpretations of national guidance for application Trust wide.

8. To advise on communications with Trust staff and, where appropriate, ensure communications are disseminated to Divisions.

9. To ensure that the Trust is made aware of national priorities.

10. To ensure user compliance with Smartcard obligations.

11. To commission any audits required and monitor implementation of recommendations.

12. To ensure any risks are identified, recorded and managed as required.

Signed by ……………………………………… and …………………………………………… On behalf of Registration Authority, 22 February 2018


Appendix 2a

NEW STARTER

APPLICATION FORM FOR SMARTCARD (RIO) & ID BADGE

Your post at Southern Health NHS Foundation Trust requires a smartcard and ID Badge.

Please provide the information required below:

Title:

FULL Name:

Preferred FULL Name:

National Insurance Number:

Date of Birth:

Post title:

Work Base:

If you already have a NHS Smartcard (RIO) please provide the number from the front of your card:

Next Steps:

Email a digital copy of your photo to [email protected]

Your colour photo should be passport photo standard, head and shoulders in front of a neutral background in professional dress.

Please ensure your email contains your name, job title and date of birth.

I sign below to declare that the photographs I provide are a true and accurate resemblance of me:

Applicant signature: ___________________________________________________

Final Step:

Return your completed form to recruitment at [email protected] along with any other outstanding recruitment documents.

For HR office use only:

Start date:


Appendix 2b

Application for New Smartcard

Please use this form if you do not already have an NHS Smartcard and require one for your daily work within the Trust. See page two of this form for instructions on: how this form is to be completed, who needs to authorise it, providing an acceptable photograph, and providing acceptable identification to ensure you may have a new Smartcard.

Applicant Personal Details (Please complete all required fields in full in BLOCK CAPITALS)

Title: (e.g. Dr, Mr, Mrs, Miss etc.)

Date of Birth: (Mandatory)

First Name: (Mandatory)

Surname: (Mandatory)

NI number: (Mandatory)

Previous Surname:

Preferred Full Name:

Applicant Contact Details (used if we have a query on form)

Telephone/Mobile number:

Email:

Applicant Identifiers (Please complete all required fields in full in BLOCK CAPITALS)

Full Job Title: (Mandatory)

Employee Number: (If Known)

Line Manager Name:

Site/Department Name: (Mandatory)

Full Work Address: (Mandatory) (Include Postcode)

Identity Verification (Mandatory) (3 Forms of ID: 1 Photo ID + 2 Address ID OR 2 Photo ID + 1 Address ID)

Photo Identification (for each document record: Document No., Country, Date of Issue, Date of Expiry):

Passport: (or Not Applicable)

Driving Licence: (or Not Applicable)

Other:

Address Identification (Address 1 and Address 2):

Address ID Type: (Utility Bill, Electoral Register, etc.)

Name of Company:

Date of Issue:

RA declaration - to be completed by Smartcard Champion (Mandatory)

RA Name: RA Role:

RA UUID: Date:

By signing above, I confirm the applicant specified can be issued a Smartcard. I verify the original document was seen and confirmed to be genuine in a face to face meeting with the applicant.

Once completed, email this form and photos to: [email protected] Alternatively you can post it to: Registration Authority (Smartcards), Human Resources, Southern Health NHS Foundation Trust, Moorgreen Hospital, Botley Road, West End, Southampton, SO30 3JB


Appendix 3 HANDOVER OF SMARTCARDS

Dear Manager/Smartcard Champion

Please find enclosed Smartcard and/or Trust ID card for your staff.

A Smartcard is necessary to access:

RiO

E-Referral service (ERS)

Electronic Staff Records (ESR)

Spine Portal (https://portal.national.ncrs.nhs.uk) which includes Summary Care Record (SCR), Secondary Uses Service (SUS), and the Care Identity Service.

FOR RiO ONLY - HANDOVER THE SMARTCARD ONCE RiO TRAINING OR ASSESSMENT HAS BEEN SUCCESSFULLY COMPLETED.

For a user to successfully log on to RiO with their Smartcard please ensure the following:

User has own PC login

User has RiO account (request RiO account by way of completing online GIZMO tool or by ringing IT helpdesk on 0300 123 9977)

User has successfully completed RiO training or assessment

Please ensure the user signs the Smartcard Handover document overleaf and retains the user’s copy. Your local Smartcard Champion or Card Unlocker will help the user set up their own Smartcard passcode. Any issues or problems with a Smartcard must be reported to your local Smartcard Champion. The Smartcard Champion should escalate to Central Registration Authority (RA) on 023 8047 5380/5136 or [email protected] if they are unable to resolve the issue. To nominate an individual to be a Smartcard Champion please ring Central RA on the phone number provided above.

Please confirm receipt of cards by way of email to [email protected]. If you feel these cards have been sent in error then please return to: Smartcard Support, Hawthorn Lodge, Moorgreen Hospital, Botley Road, West End, SO30 3JB.

Thank you.

Human Resources (HR)
SOUTHERN HEALTH NHS FOUNDATION TRUST


HANDOVER OF SMARTCARDS

You have been successfully registered for a Smartcard to use during your employment or association with Southern Health NHS Foundation Trust enabling access to one or more of the following systems:

RiO

E-Referrals Service (ERS)

Electronic Staff Record (ESR)

Spine Portal (https://portal.national.ncrs.nhs.uk) which includes Summary Care Record (SCR), Secondary Uses Service (SUS), and Care Identity Service (CIS).

A Smartcard Champion (Registration Authority (RA) Agent) will help you set up your own personal Passcode which must be between 4 and 8 characters, alpha numeric and upper/lower case (Registration Authority Operational Process and Guidance version 3, 30/09/2008 File reference NPFIT FNT-IMD-IME-0182). Example Passcode – Ab1234.

By signing below I agree:

1. That the Smartcard issued is the property of the NHS and agree to use it only in the normal course of employment or contract arrangement and (where applicable) in accordance with my contract of employment or contract of service provision.

2. That this Smartcard is for my own use and I will not permit anybody else to use it. I will not share my Passcode with any other user. I will not make any electronic or written copies of my Passcode. I will periodically change my Passcode to ensure it remains secure.

3. That my Smartcard may be revoked or my access changed at any time without notice if I misuse my Smartcard. I accept that Smartcard misuse will be brought to the attention of my employer (or governing body in relation to independent contractors) who will then take appropriate action which may result in disciplinary proceedings and/or criminal prosecution.

4. To adhere to the RA Policy and Procedure for Smartcard Access to National Programme Systems (SH IG 43) accessible via the Trust website. Please be aware that access to RiO may be audited in line with agreed Trust processes.

5. To carry my Smartcard wherever I may need to access any of the above applications. Should I forget my Smartcard it is my responsibility to collect it.

6. To never leave my Smartcard unattended and to take all reasonable steps to ensure that I always leave my workstation secure by removing my Smartcard when I am not using it. Please be aware that removal of the Smartcard from the card reader will immediately close down RiO and any other open Internet Explorer windows.

7. To contact my local Smartcard Champion or Smartcard Unlocker or the Central Registration Authority if my Smartcard is blocked or faulty.

8. To notify my local Smartcard Champion or the Central Registration Authority if I am leaving the Trust or changing teams or changing names. (You may keep your Smartcard if you are moving to another NHS organisation).

9. To notify my local Smartcard Champion or the Central Registration Authority if I lose or misplace this Smartcard or suspect that it has been stolen or used by a third party.

Name ___________________ Signature ________________ Date _____________

Date RiO training completed _____________ Manager name _____________ Manager signature _____________

This form must be filed locally together with all other RA forms. However if Smartcard is received in error please return to Registration Authority (Smartcards), Human Resources, Southern Health NHS Foundation Trust, Moorgreen Hospital, Botley Road, West End, Southampton, SO30 3JB. Tel: 023 8047 5380/5136.


HANDOVER OF SMARTCARDS – User’s Copy

You have been successfully registered for a Smartcard to use during your employment or association with Southern Health NHS Foundation Trust enabling access to one or more of the following systems:

RiO

Choose and Book (CAB)

Electronic Staff Record (ESR)

Spine Portal (https://portal.national.ncrs.nhs.uk) which includes Summary Care Record (SCR), Secondary Uses Service (SUS), and the Care Identity Service (CIS).

A Smartcard Champion (Registration Authority (RA) Agent) will help you set up your own personal Passcode which must be between 4 and 8 characters, alpha numeric and upper/lower case (Registration Authority Operational Process and Guidance version 3, 30/09/2008 File reference NPFIT FNT-IMD-IME-0182). Example Passcode – Ab1234.

By signing below I agree:

1. That the Smartcard issued is the property of the NHS and agree to use it only in the normal course of employment or contract arrangement and (where applicable) in accordance with my contract of employment or contract of service provision.

2. That this Smartcard is for my own use and I will not permit anybody else to use it. I will not share my Passcode with any other user. I will not make any electronic or written copies of my Passcode. I will periodically change my Passcode to ensure it remains secure.

3. That my Smartcard may be revoked or my access changed at any time without notice if I misuse my Smartcard. I accept that Smartcard misuse will be brought to the attention of my employer (or governing body in relation to independent contractors) who will then take appropriate action which may result in disciplinary proceedings and/or criminal prosecution.

4. To adhere to the RA Policy and Procedure for Smartcard Access to National Programme Systems (SH IG 43) accessible via the Trust website. Please be aware that access to RiO may be audited in line with agreed Trust processes.

5. To carry my Smartcard wherever I may need to access any of the above applications. Should I forget my Smartcard it is my responsibility to collect it.

6. To never leave my Smartcard unattended and to take all reasonable steps to ensure that I always leave my workstation secure by removing my Smartcard when I am not using it. Please be aware that removal of the Smartcard from the card reader will immediately close down RiO and any other open Internet Explorer windows.

7. To contact my local Smartcard Champion or Smartcard Unlocker or the Central Registration Authority if my Smartcard is blocked or faulty.

8. To notify my local Smartcard Champion or the Central Registration Authority if I am leaving the Trust or changing teams or changing names. (You may keep your Smartcard if you are moving to another NHS organisation).

9. To notify my local Smartcard Champion or the Central Registration Authority if I lose or misplace this Smartcard or suspect that it has been stolen or used by a third party.


Appendix 4

Registration Authority Security Policy (equipment and consumables)

1. Purpose

1.1 This document outlines security requirements of RA equipment and consumables.

2. Background

2.1 The RA issues Smartcards to users of National Care Records Service (NCRS) systems. Smartcards are created and issued at the RA workstation in Human Resources. To meet demand for Smartcards in a timely manner the following equipment and consumables are used:

RA equipment and consumables:

2 RA Workstations

1 laptop

2 Smartcard printers

2 Cameras

Smartcard readers

Smartcards

Printer ribbons

Printer cleaning material

3. Security of equipment and consumables

3.1 All RA equipment and consumables must be kept in a secured location.

3.2 Access to RA equipment and consumables is restricted to RA personnel only.

3.3 In case of damage, loss or theft of RA equipment normal Trust incident reporting procedures must be adhered to.

4. Maintenance of equipment and consumables

4.1 Smartcard printers are serviced under warranty by: Datacard, Whiteley, Fareham, Hampshire, PO15 7FH, United Kingdom. Phone: +44 (0) 1489 555 600. Fax: +44 (0) 1489 555 601. Email: [email protected].

4.2 Contact Datacard to report faulty Smartcard printers. Orders for printer consumables must be placed with Datacard directly.

4.3 Use of Smartcards, Smartcard readers, and printer consumables must be monitored by the RA Manager.

4.5 Contingent stock of 200 Smartcards, 50 Smartcard readers, 1 Smartcard printer ribbon and 5 Smartcard printer cleaning packs must be available at all times.

Signed: ___________________ (RA Manager) Date: ___________________


Appendix 5 CLEAR DESK, CLEAR SCREEN AND SMARTCARD MAINTENANCE POLICY

AUDIT OF TEAMS / SITES WITHIN SOUTHERN HEALTH NHS FOUNDATION TRUST

Policy for the Management of Personal Information (IG42) http://www.southernhealth.nhs.uk

5.3.4 Clear screen Policy – Workstations will require a username and password to be entered before accessing a PC where operating system permits. Windows screen saver with password protection enabled will be used on all PCs with a time set to ten minutes maximum within sensitive locations and a maximum of thirty minutes at other locations.

5.3.5 Clear Desk Policy - Any confidential information must be placed out of sight, in locked cabinets when not in use. This includes any portable computers that may contain confidential information.

5.3.6 Smartcard Maintenance – If unattended, workstations must be clear of Smartcards. Report damaged, lost or stolen Smartcards to your local RA Agent. For lost or stolen Smartcards an incident form must be completed before a replacement Smartcard is issued. Smartcards must not be shared. Appropriate action will be taken against anyone found to be sharing a Smartcard which may result in disciplinary proceedings and/or criminal prosecution.

Information Asset Administrator:

Location:

Audit record (one row per member of staff), with the following columns:

Date

Staff Name / Office / Area

Desk Audit (Yes/No)

Screen Audit (Yes/No)

Smartcard Audit (Yes/No)

Area of Concern Reported to: Staff / Manager (Date & Name)

Staff Comments / Action Taken


Appendix 6: LEaD (Leadership, Education & Development) Training Needs Analysis If there are any training implications in your policy, please complete the form below and make an appointment with the LEAD department (Deputy Head of LEAD or LEAD Strategic Education Lead) before the policy goes through the relevant Expert Committee.

Training Programme: RA Agent training

Frequency: Once

Course Length: 2 hours

Delivery Method: Face to face

Trainer(s): RA Coordinator

Recording Attendance: LEaD

Strategic & Operational Responsibility: RA/IGG

Target Audience by Directorate and Division:

Directorate MH/LD

Adult Mental Health: Nominated RA Agents (Smartcard Champions)

Learning Disabilities: Nominated RA Agents (Smartcard Champions)

Older Persons Mental Health: Nominated RA Agents (Smartcard Champions)

Specialised Services: Nominated RA Agents (Smartcard Champions)

TQtwentyone: Nominated RA Agents (Smartcard Champions)

Directorate ICS

Adults: Nominated RA Agents (Smartcard Champions)

Childrens & Wellbeing: Nominated RA Agents (Smartcard Champions)

Dental: Nominated RA Agents (Smartcard Champions)

Directorate Corporate Services

All (HR, Finance, Governance, Estates etc.): Nominated RA Agents (Smartcard Champions)


Appendix 7: Equality Impact Analysis Screening Tool

Equality Impact Assessment (or ‘Equality Analysis’) is a process of systematically analysing a new or existing policy/practice or service to identify what impact or likely impact it will have on different groups within the community.

For guidance and support in completing this form please contact a member of the Equality and Diversity team on 01256 376358.

Name of policy/service/project/plan:

Registration Authority Policy for Smartcard Access to National Programme Systems

Policy Number: SH IG 43

Department: Human Resources

Lead officer for assessment: Ratiel Gapa: Registration Authority Coordinator/RBAC Lead

Date Assessment Carried Out: February 2014

1. Identify the aims of the policy and how it is implemented.

Key question: Briefly describe the purpose of the policy, including how the policy is delivered and by whom, and the intended outcomes.

Answers / Notes: This policy details the roles and responsibilities of the Trust’s RA. The policy also outlines the rules relating to Smartcard use and Smartcard access. Accessible to all staff, this policy is intended to instil and promote responsible Smartcard use as well as meet local and national requirements. The Trust’s RA and IGG will monitor compliance.

2. Consideration of available data, research and information.

Monitoring data and other information involves using equality information, and the results of engagement with protected groups and others, to understand the actual effect or the potential effect of your functions, policies or decisions. It can help you to identify practical steps to tackle any negative effects or discrimination, to advance equality and to foster good relations. Please consider the availability of the following as potential sources:

Demographic data and other statistics, including census findings

Recent research findings (local and national)

Results from consultation or engagement you have undertaken

Service user monitoring data

Information from relevant groups or agencies, for example trade unions and voluntary/community organisations

Analysis of records of enquiries about your service, or complaints or compliments about them

Recommendations of external inspections or audit reports

Key questions

Data, research and information that you can refer to

2.1 What is the equalities profile of the team delivering the service/policy?

The Equality and Diversity team will report on Workforce data on an annual basis.

2.2 What equalities training have staff received? All Trust staff have a requirement to undertake Equality and Diversity training as part of Organisational Induction (Respect and Values) and E-Assessment.

2.3 What is the equalities profile of service users? The Trust Equality and Diversity team report on Trust patient equality data profiling on an annual basis.

2.4 What other data do you have in terms of service users or staff? (e.g. results of customer satisfaction surveys, consultation findings). Are there any gaps?

The Trust is preparing to implement the Equality Delivery System which will allow a robust examination of Trust performance on Equality, Diversity and Human Rights. This will be based on 4 key objectives that include:

1. Better health outcomes for all

2. Improved patient access and experience

3. Empowered, engaged and included staff

4. Inclusive leadership

2.5 What engagement or consultation has been undertaken as part of this EIA and with whom? What were the results?

Consulted with Equality and Diversity Lead.

2.6 If you are planning to undertake any consultation in the future regarding this service or policy, how will you include equalities considerations within this?

n/a