Presentation is loading. Please wait.

Presentation is loading. Please wait.

Level 1 – All staff involved in routine access to information IG Presentation Ver3 Jan2015 EIG01-01N Information Governance.

Published byNoreen Walton Modified over 8 years ago

Similar presentations

Presentation on theme: "Level 1 – All staff involved in routine access to information IG Presentation Ver3 Jan2015 EIG01-01N Information Governance."— Presentation transcript:

1 Level 1 – All staff involved in routine access to information IG Presentation Ver3 Jan2015 EIG01-01N Information Governance

2 What you will learn in this session? 1.Principles of Information Governance and their application to health and social care organisations 2.Accessing Information Governance resources including national legislation, guidance and local policies & procedures 3.Health and social care organisations’ responsibilities 4.Protection of an individual’s confidentiality and the Caldicott Principles 5.How to practice and promote a confidential service 6.Principles of ensuring and maintaining good client records 7.Recognising / responding to Freedom of Information requests 8.Keeping Information Secure

3 What is Information Governance? Information Governance is about how health and social care organisations and their employees must handle sensitive information IG is to do with how NHS/Social Care organisations and individuals handle information

4 Slide 4 of 21 A framework of legal and ethical principles that apply when sensitive information is collected, processed and shared What is Information Governance? Excellent Care is built on a Foundation of confidence & trust How organisations & individuals handle personal & sensitive information Principles of Law and best practice Different Data Sets: Personal & Sensitive (Healthcare records) Person based & anonymous (Research data) Corporate (Trust Financial Accounts)

5 What is Information?  Personal  Sensitive  Corporate Examples  Name, Address, Date of Birth, Next of Kin  Ethnicity, Diagnosis, Illness & Disorders, Sexual Orientation  Minutes of Meetings, Employee Details, Financial Information

6 Why is Information Governance so important? For patients and service users  Information is critical for safe, timely and effective care  Information is sensitive  Excellent healthcare is built on a foundation of confidence & trust

7 Why is Information Governance so important? For an employee  Sensitive information  Ethical and legal responsibility of every employee  Information must be: accessed, used & shared appropriately

8 Why is Information Governance so important? For a health or social care organisation  Ethical and legal responsibility of every organisation  Breaches of confidentiality costs money and reputation

9 Requirements for health and social care organisations ; Trust policies, guidelines and procedures All information must be: H eld securely and confidentially O btained fairly and efficiently R ecorded accurately and reliably U sed effectively and ethically S hared appropriately and lawfully

10  Common Law Duty of Confidentiality  Computer Misuse Act 1990  Data Protection Act 1998  The Human Rights Act 1998  The Freedom of Information Act 2000  People have legal rights through common law to confidentiality  It is an offence to access / attempt to access computer systems without appropriate authorisation  States legal obligations for the collection, use, sharing and disclosure of personal information  Enshrines a basic human right for all to have the right to privacy  Allows the public to request information held by Public Authorities The Law and Information Governance

11  Information Security Standards – ISO/IEC 17799: 2005 and IS Management NHS Code of Practice  The NHS Confidentiality Code of Practice  The Records Management NHS Code of Practice  Information Quality Assurance Standards, Policies & Codes of Practice

12 Slide 12 of 21 The Caldicott principles must be used when accessing and using Patient Identifiable Information (PID) or confidential information and which must be maintained by all healthcare organisations.  Justify the purpose of using confidential information  Only use it when absolutely necessary  Use the minimum information required  Allow access on a strict need-to-know basis  Always understand your responsibility  Understand and comply with the law  The duty to share information can be as important as the duty to protect patient confidentiality Always follow the Caldicott Principles

13 Q.Who is a Caldicott Guardian? A.A senior person in the organisation responsible for ensuring the Caldicott principles are applied and maintained Q.Are you unsure whether to disclose? A.Don’t disclose Ask your manager or the Caldicott Guardian Caldicott Guardians

14 Individuals have the right to access sensitive information including paper, computer records and other related information  Patients can request access to their medical record  Employees can request access to their personal records Subject Access Requests

15 What is a Freedom of Information (FOI) Request?  A request for official information held by Public Bodies such as hospital trusts  Public have a right to access/view all non-personal, public authority information  Purpose is to promote openness & accountability  Requests must be made in writing  There are Exemptions  Law requires that any FOI request must receive a response within 20 days Direct Freedom of Information requests to the Lead in your Organisation

16 Dear FOI Lead, I have recently undergone an operation on my hip at your Trust and would like to see all the notes in my health record regarding this period of care. Please give me an indication of when this information can be provided to me. Yours sincerely Mrs A Smith Can you recognise a Freedom of Information (FOI) Request? Dear Sir/Madam, I would like to know how much the Trust is spending on the new A&E unit due to be completed in March 2014. I would like a list of the new medical and non medical equipment being purchased for this unit. Yours sincerely Daniel Radcliffe MP

17 Slide 17 of 21 Duty of Confidence You have a legal duty to protect and maintain confidentiality  There’s a confidentiality clause in your contract of employment  You have a professional duty of confidence It’s in your Code of Professional Conduct

18 Duty of Confidence Be careful and cautious when answering the telephone:  Callers request information under false pretences  Requests for information need to be verified  If possible, always obtain requests in writing Are you unsure? Don’t disclose Ask your manager or the Caldicott Guardian who is responsible for ensuring confidentiality

19 Slide 19 of 21 Good Quality Record Keeping  Does a record already exist?  Records must be clear, factual, accurate & complete  Can everybody else read them?  Complete them quickly!  Make sure they dated, timed and signed  Keep information up-to-date  Store them safely Read them, check them, then check again!

20 Good Quality Record Keeping  Check the minimum period records have to be retained  Are you deleting records? If so check the organisation’s Disposal of Records Policy and Procedures

21 Information security is about ensuring information is:  Protected and secure  Reliable  Available to authorised users only Your responsibilities are to ensure:  Records are correctly stored  Passwords are kept secure  Report inappropriate disclosures  Safe Haven processes when faxing are used  Delete spam mail without opening  You don’t download unauthorised software  You use IT equipment correctly Information Security Any breaches of data security, no matter how small must be reported

22 Information Security A serious matter  Organisations have systems in place to monitor the access, use of systems and information by staff  Failure to comply with legal obligations or organisational policy & guidelines could mean disciplinary and legal action being taken

23 Your Responsibilities DO  Protect an individual’s information  Be aware of national & local information, Policy & Procedures  Inform patients how information is used and when it may be disclosed  Help to improve the way organisation protects information  Report any suspected or actual breaches of information security  Seek advice from the appropriate leads if you have any Information Governance concerns DON’T  Send confidential, person- identifiable data without applying the required encryption/security measures  Store Personal/Sensitive information on unencrypted and unauthorised portable devices  Disclose confidential information with unauthorised people  Leave person-identifiable data (PID) unattended or in vehicles  Access inappropriate websites  Use an organisation's equipment or information to promote private business or for financial gain

24 Useful sources of Information and links Further advice Contact your local Information Governance Manager or Lead Useful Links  Information Commissioners Office www.ico.org.uk/ www.ico.org.uk/  Connecting for Health Toolkit www.igt.hscic.gov.uk/ www.igt.hscic.gov.uk/

25 Thank you for the support in developing these materials  Michael Abbotts St Helens and Knowsley NHS Hospitals Trust  Jonathan MayesInformation Risk Manager Pennine Care NHS Foundation Trust  Trish NoonInformation Governance Manager Pennine Acute Hospitals NHS Trust Trish’s original presentation was used as the basis for these materials  Barbara Smart Data Protection Liaison Officer Royal Liverpool and Broadgreen University Hospitals NHS Trust  Cora SuckleyInformation Governance Project Coordinator The Clatterbridge Cancer Centre NHS Foundation Trust  Menna HarlandAcademic Lead for Practice Learning Liverpool John Moores University  Nick MoseleyMoseley Multimedia Ltd

26 THANK YOU Any Questions?

Download ppt "Level 1 – All staff involved in routine access to information IG Presentation Ver3 Jan2015 EIG01-01N Information Governance."

Similar presentations

Information Governance, Love it or Hate it!

Information Governance, Love it or Hate it!
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Working with Information Governance

Working with Information Governance
Information Governance An Introduction. Information Governance Outline What is Information Governance What initiatives does IG cover.

Information Governance An Introduction. Information Governance Outline What is Information Governance What initiatives does IG cover.
Introduction to Information Governance (IG)

Introduction to Information Governance (IG)
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Information Governance. “ensuring the confidentiality, accuracy and availability of patient information” Why Information Governance?

Information Governance. “ensuring the confidentiality, accuracy and availability of patient information” Why Information Governance?
Principle 1 Principle 1 Processed fairly and lawfully + only with a legitimate basis There should be no surprises, so … inform data subjects why you are.

Principle 1 Principle 1 Processed fairly and lawfully + only with a legitimate basis There should be no surprises, so … inform data subjects why you are.
Information Governance – Who Cares? Alistair Stewart Information Governance Co-ordinator.

Information Governance – Who Cares? Alistair Stewart Information Governance Co-ordinator.
Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.

Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
HIPAA Training Presentation for New Employees How did we get here? HIPAA Police 1.

HIPAA Training Presentation for New Employees How did we get here? HIPAA Police 1.
Confidentiality & Records Management. What is Information Governance? What is Records Management?

Confidentiality & Records Management. What is Information Governance? What is Records Management?
Data Protection.

Data Protection.
How to Find Your Way Around… SEPT - MANDATORY TRAINING 1. You can play the PowerPoint, and find the Test here EXAMPLE COURSE.

How to Find Your Way Around… SEPT - MANDATORY TRAINING 1. You can play the PowerPoint, and find the Test here EXAMPLE COURSE.
CODE OF ETHICS South Australian Public Sector Public Sector Act, 2009.

CODE OF ETHICS South Australian Public Sector Public Sector Act, 2009.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Information Governance

Information Governance
DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales  2074 6677  2074 5626 

DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales   

Similar presentations

Ads by Google