Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Governance Peter McKenzie Information Governance Manager NHS Tayside

Published byGarrett Sandal Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Governance Peter McKenzie Information Governance Manager NHS Tayside"— Presentation transcript:

1 Information Governance Peter McKenzie Information Governance Manager NHS Tayside informationgovernance.tayside@nhs.net

2 Caldicott Approval The Caldicott Guardian has a responsibility to review and monitor all flows of information in NHS Tayside and all transfers of data outside of the organisation. Approval must be sought when creating an information sharing protocol to share patient identifiable information (PII) with another organisation proposals for research projects that will use PII collecting PII for the purposes of creating a new database

3 GP/practice nurse Walk-in centre Health Care Guides Visited at home Online Services Dentist Lab.Services Out of Hours and Direct Calls A&E Pharmacy Out Patients Inpatient Boards Caldicott Coverage

4 Caldicott Approval – to cover… research where data is used for any living patient (this also includes images, videos, charts etc). all use of NHS patient data even if you consider the data being held to be non-identifiable data. it is the responsibility of the Caldicott Guardian to review the use of all data and determine if it is appropriately anonymised to ensure that this it non- identifiable. if identifiable data is to be used then you must be able to justify the requirement for use of this data. all databases created for the purposes of research to hold patient identifiable data must also be registered for data protection purposes

5 Caldicott Principles Justify the purpose for using person identifiable information (PII) Only use PII when absolutely necessary Use only the minimum PII required Access is on a strict “need to know” basis Everyone must be aware of their responsibilities You must comply with the law

6 Caldicott Principles and Data Protection DP1 Fair & Lawful DP2 Specific Purposes DP3 Adequate, Relevant and Not Excessive DP4 Accurate DP5 Retention DP6 Individual' s Rights DP7 Held & Used Securely DP8 Safe Non- EEA Transfers C1 Justify the Purpose   C2 Necessary      C3 Minimum   C4 “Need to Know”     C5 Responsib ilities     C6 Comply with Law 

7 Caldicott Requirements The Caldicott Guardian has to ensure that proposals comply with Caldicott Principles and that the technical and operational arrangements that are proposed will safeguard the information to be provided: the justification for using PII? – linkage, other data sets what that data is? – data items physical or electronic where you will get the data from? – collected, manually or electronically extracted is data to be collected from more than one source?

8 Caldicott Requirements how you will get that data? – encrypted transfer, email who will provide you with the data? – an authorised administrator, self, colleague, service who will have access to the data? – co-users, data entry, processors how you intend to protect the data given to you? – anonymisation, encryption, retention if individuals are to be contacted who will do that and how will that be done? – GP, responsible medical officer, researcher

9 Researcher NHS Tayside Systems Central Vision TOPAS MiDiS Health Informatics Centre NHS Generic Caldicott Approval If the study is limited to: a) using electronic data already held within, or accessed via HIC and will be undertaken using anonymised data or b) also includes data collected directly from a patient who has explicitly consented to its use for this research and it is anonymously linked to other electronic data held within, or accessed via, HIC …the study will not require explicit Caldicott Guardian approval. The researcher will have no access to any identifiable data. Any request for identifiable data will require specific Caldicott approval. Request for Anonymous Data Request for Identifiable Data Researcher Caldicott Approval Caldicott Arrangements - HIC

10 Live NHS Tayside System e.g. Central Vision System Administrator Where a study relies on electronic data already held in an NHS Tayside clinical information system then Caldicott Guardian approval is required. Access to systems requires the identification of the person accessing data to be recorded by means of a transaction log. Such logs are essential evidence of legitimate (in this case approved) access and form part of the person’s personal data. These records will be disclosed as part of any subject access request and any investigation of activity around patient’s records. The researcher will normally have no access to any identifiable data unless specific approval has been given. Request for Identifiable or Anonymous Data Researcher Caldicott Approval Caldicott Arrangements - Clinical Systems

11 Caldicott Approval Caldicott Approval is concerned with: controlling access to patient identifiable information ensuring that adequate operational data handling arrangements are in place that clearly establish responsibilities ensuring that adequate technical data handling arrangements are in place to safeguard the data maintaining the trust and reassurance of patients in our handling of their personal data

12 Information Governance Peter McKenzie Information Governance Manager NHS Tayside informationgovernance.tayside@nhs.net

Download ppt "Information Governance Peter McKenzie Information Governance Manager NHS Tayside"

Similar presentations

NIGB Legal requirements for use of personal data in research OnCore UK / NRES Training workshop Ethical Principles relating to consent for use of samples.

NIGB Legal requirements for use of personal data in research OnCore UK / NRES Training workshop Ethical Principles relating to consent for use of samples.
NATIONAL INFORMATION GOVERNANCE BOARD

NATIONAL INFORMATION GOVERNANCE BOARD
Nomination of IM&T Lead and Caldicott Guardian. Click hereClick here for guidance on the Caldicott Guardians Responsibilities. Work through the Information.

Nomination of IM&T Lead and Caldicott Guardian. Click hereClick here for guidance on the Caldicott Guardians Responsibilities. Work through the Information.
Information Governance, Love it or Hate it!

Information Governance, Love it or Hate it!
Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.

Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Information Governance An Introduction. Information Governance Outline What is Information Governance What initiatives does IG cover.

Information Governance An Introduction. Information Governance Outline What is Information Governance What initiatives does IG cover.
Introduction to Information Governance (IG)

Introduction to Information Governance (IG)
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Quick Guide to Undertaking an Information Governance Compliant Clinical Audit Project Wendy Harrison and Heather Sharp NHS Bradford and Airedale.

Quick Guide to Undertaking an Information Governance Compliant Clinical Audit Project Wendy Harrison and Heather Sharp NHS Bradford and Airedale.
Confidentiality & Records Management. What is Information Governance? What is Records Management?

Confidentiality & Records Management. What is Information Governance? What is Records Management?
Data Protection.

Data Protection.
Revised Caldicott Manual- Practice Managers Groups Revised Caldicott Manual – November 2008.

Revised Caldicott Manual- Practice Managers Groups Revised Caldicott Manual – November 2008.
Information Sharing Options Phil Walker. Outline I have been asked to present a range of options for lawful data sharing. There is unlikely to be one.

Information Sharing Options Phil Walker. Outline I have been asked to present a range of options for lawful data sharing. There is unlikely to be one.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.

Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.
DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales  2074 6677  2074 5626 

DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales   
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Audit of Practice Around Record Keeping and Partner Notification Maeve Cross & Martin Murchie.

Audit of Practice Around Record Keeping and Partner Notification Maeve Cross & Martin Murchie.

Similar presentations

Ads by Google