‘THE DOORS, WINDOWS AND ALARM’-HOW TO GET INFORMATION GOVERNANCE RIGHT
CLARE SANDERSON
IG SOLUTIONS LIVERPOOL LTD
WHAT IS INFORMATION GOVERNANCE?
A framework of legal and ethical standards, principles and best practice that apply when personal, sensitive or confidential data is collected processed or shared.
WHY IS INFORMATION GOVERNANCE IMPORTANT?
FOR PATIENTS AND SERVICE USERS
• Information about them is sensitive
• Information is critical for safe, timely and effective care
• Excellent healthcare is built on a foundation of confidence & trust
FOR CLINICIANS AND CARE PROVIDERS
• Handling sensitive information
• Ethical and legal responsibility of every employee
• Information must be accessed, used & shared appropriately
FOR ORGANISATIONS
• Ethical and legal responsibility of every organisation
• Breaches of data protection act cost money and reputation
HOW CAN YOU GET IT RIGHT?
Data Protectio
n Assuranc
e
Information
Security Assuranc
e
Clinical Informati
on Assuranc
e
Corporate
Information
Assurance
Other / Secondar
y Uses Assuranc
e
Information Governance Management
Information Governance Management
FIVE TOP TIPS….
1. Privacy Impact Assessments
2. Meeting Patients Rights
3. Data Sharing Arrangements
4. Organisational Culture and Staff Awareness
5. What you do if things go wrong
1 PRIVACY IMPACT ASSESSMENT
• Protects the individual’s right to privacy and confidentiality in the collection, use, storage and disclosure of their information
• Ensures controls and practices are embedded in the design of the project
• Raises awareness of privacy issues with staff and creates a culture where privacy matters
2. MEETING PATIENTS RIGHTS
Patients have rights under the Data Protect Act:
Information you hold about them is correct
That it is only available to those who should have it
That it is only used for stated purposes
That it is held securely
KEEP PATIENTS INFORMEDhttp://www.1001FreeDownloads.comhttp://dryicons.com
3. DATA SHARING ARRANGEMENTS
Data Sharing Contract
Data Sharing
Agreement 1
Data Sharing
Agreement 2
Data Sharing
Agreement 3
Data Sharing Contract sets out the overarching IG arrangements
Data Sharing Agreement for each data flow:
• Details of Data Items
• Data controller / Processor
• Purpose
• Access controls
4. ORGANISATIONAL CULTURE & STAFF AWARENESS
Leadership
Training and
Awareness
Lessons Learned
All staff receive IG training on a regular basis and are
made aware of Policies and Procedures
Board level responsibility for Data Privacy and Information Risk Assurance
Lessons Learned from previous incidents are shared with all relevant staff
5. WHAT YOU DO WHEN THINGS GO WRONG..
Incident Management Process:• Clear Roles and
Responsibilities• Business Continuity Plans• Investigation Procedure• Lessons Learned• Share and Educatehttp://www.1001FreeDownloads.com
http://dryicons.com