1 / 26

Information Governance

Information Governance. What you will learn in this session?. P rinciples of Information Governance and their application to health and social care organisations Accessing Information Governance resources including national legislation, guidance and local policies & procedures

montague-santos
Télécharger la présentation

Information Governance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Governance

  2. What you will learn in this session? Principles of Information Governance and their application to health and social care organisations Accessing Information Governance resources including national legislation, guidance and local policies & procedures Health and social care organisations’ responsibilities Protection of an individual’s confidentiality and the Caldicott Principles How to practice and promote a confidential service Principles of ensuring and maintaining good client records Recognising / responding to Freedom of Information requests Keeping Information Secure

  3. What is Information Governance? • Information Governance is about how health and social care organisations and their employees must handle sensitive information IG is to do with howNHS/Social Careorganisations and individuals handle information

  4. A framework of legal and ethical principles that apply when sensitive information is collected, processed and shared What is Information Governance? Howorganisations& individuals handlepersonal & sensitive information Excellent Care is built on a Foundation of confidence & trust Different Data Sets: • Personal & Sensitive (Healthcare records) • Person based & anonymous (Research data) • Corporate(Trust Financial Accounts) Principlesof Law andbest practice Slide 4 of 21

  5. What is Information? • Personal • Sensitive • Corporate • Examples • Name, Address,Date of Birth,Next of Kin • Ethnicity, Diagnosis, Illness & Disorders, Sexual Orientation • Minutes of Meetings, Employee Details, Financial Information

  6. Why is Information Governance so important? • Information is critical for safe, timely and effective care • Information is sensitive • Excellent healthcare is built on a foundation of confidence & trust For patients and service users

  7. Why is Information Governance so important? • Sensitive information • Ethical and legal responsibility of every employee • Information must be: accessed, used & shared appropriately • For an employee

  8. Why is Information Governance so important? • Ethical and legal responsibility of every organisation • Breaches of confidentiality costs money and reputation • For a health or social careorganisation

  9. Information Governance requirements for health & social care organisations ; Trust policies, guidelines and procedures All information must be: • Held securely and confidentially • Obtained fairly and efficiently • Recorded accurately and reliably • Used effectively and ethically • Shared appropriately and lawfully

  10. The Law and Information Governance • People have legal rights through common law to confidentiality • It is an offence to access / attempt to access computer systems without appropriate authorisation • States legal obligations for the collection, use, sharing and disclosure of personal information • Enshrines a basic human right for all to have the right to privacy • Allows the public to request information held by Public Authorities • Common Law Duty of Confidentiality • Computer Misuse Act 1990 • Data Protection Act 1998 • The Human Rights Act 1998 • The Freedom of Information Act 2000

  11. Standards, Policies &Codes of Practice • Information Security Standards – ISO/IEC 17799: 2005 and IS Management NHS Code of Practice • The NHS Confidentiality Code of Practice • The Records Management NHS Code of Practice • Information Quality Assurance

  12. The Caldicott principles must be used when accessing and using Patient Identifiable Information (PID) or confidential information and which must be maintained by all healthcare organisations. Justify the purpose of using confidential information Only use it when absolutely necessary Use the minimum information required Allow access on a strict need-to-know basis Always understand your responsibility Understand and comply with the law The duty to share information can be as important as the duty to protect patient confidentiality Always follow the Caldicott Principles Slide 12 of 21

  13. Q.Who is a Caldicott Guardian? A.A senior person in the organisation responsible for ensuring the Caldicott principles are applied and maintained Q.Are you unsure whether to disclose? A.Don’t disclose Ask your manager or the Caldicott Guardian Caldicott Guardians

  14. Subject Access Requests • Individuals have the right to access sensitive information including paper, computer records and other related information • Patients can request access to their medical record • Employees can request access to their personal records

  15. What is a Freedom of Information (FOI) Request? • A request for official information held by Public Bodies such as hospital trusts • Public have a right to access/view all non-personal, public authority information • Purpose is to promote openness & accountability • Requests must be made in writing • There are Exemptions • Law requires that any FOI request must receive a response within 20 days Direct Freedom of Information requests to the Lead in your Organisation

  16. Can you recognise a Freedom of Information (FOI) Request? Dear Sir/Madam, I would like to know how much the Trust is spending on the new A&E unit due to be completed in March 2014. I would like a list of the new medical and non medical equipment being purchased for this unit. Yours sincerely Daniel Radcliffe MP Dear FOI Lead, I have recently undergone an operation on my hip at your Trust and would like to see all the notes in my health record regarding this period of care. Please give me an indication of when this information can be provided to me. Yours sincerely Mrs A Smith

  17. Duty of Confidence • You have a legal duty to protect and maintain confidentiality • There’s a confidentiality clause in your contract of employment • You have a professional duty of confidence It’s in your Code of Professional Conduct Slide 17 of 21

  18. Duty of Confidence Be careful and cautious when answering the telephone: • Callers request information under false pretences • Requests for information need to be verified • If possible, always obtain requests in writing Are you unsure? Don’t discloseAsk your manager or the Caldicott Guardian who’s responsible for ensuring confidentiality

  19. Good Quality Record Keeping • Does a record already exist? • Records must be clear, factual, accurate & complete • Can everybody else read them? • Complete them quickly! • Make sure they dated, timed and signed • Keep information up-to-date • Store them safely • Read them, check them, then check again! Slide 19 of 21

  20. Good Quality Record Keeping • Check the minimum period records have to be retained • Are you deleting records? If so check the organisation’s Disposal of Records Policy and Procedures

  21. Information Security Information security is about ensuring information is: • Protected and secure • Reliable • Available to authorised users only Your responsibilities are to ensure: • Records are correctly stored • Passwords are kept secure • Report inappropriate disclosures • Safe Haven processes when faxing are used • Delete spam mail without opening • You don’t download unauthorised software • You use IT equipment correctly Any breaches of data security, no matter how small must be reported

  22. Information Security – A serious matter • Organisations have systems in place to monitor the access, use of systems and information by staff • Failure to comply with legal obligations or organisational policy & guidelines could mean disciplinary and legal action being taken

  23. Your Responsibilities • DO • Protect an individual’s information • Be aware of national & local information, Policy & Procedures • Inform patients how information is used and when it may be disclosed • Help to improve the way organisation protects information • Report any suspected or actual breaches of information security • Seek advice from the appropriate leads if you have any Information Governance concerns • DON’T • Send confidential, person-identifiable data without applying the required encryption/security measures • Store Personal/Sensitive information on unencrypted and unauthorised portable devices • Disclose confidential information with unauthorised people • Leave person-identifiable data (PID) unattended or in vehicles • Access inappropriate websites • Use an organisation's equipment or information to promote private business or for financial gain

  24. Useful sources of Information and links Further advice Contact your local Information Governance Manager or Lead Useful Links • Information Commissioners Office www.ico.org.uk/ • Connecting for Health Toolkit www.igt.hscic.gov.uk/

  25. Thank you for the support in developing these materials • Michael Abbotts St Helens and Knowsley NHS Hospitals Trust • Jonathan Mayes Information Risk ManagerPennine Care NHS Foundation Trust • Trish Noon Information Governance Manager Pennine Acute Hospitals NHS TrustTrish’s original presentation was used as the basis for these materials • Barbara Smart Data Protection Liaison Officer Royal Liverpool and Broadgreen University Hospitals NHS Trust • Cora Suckley Information Governance Project Coordinator The Clatterbridge Cancer Centre NHS Foundation Trust • Menna Harland Academic Lead for Practice Learning Liverpool John Moores University • Nick Moseley Moseley Multimedia Ltd

  26. THANK YOUAny Questions? Insert trainer’s name, telephone number and email here

More Related