SlideShare une entreprise Scribd logo

Information governance

Télécharger en tant que PPTX, PDF
G
Gerardo Medina

Information governance

Formation
1  sur  24
+ Information Governance Everyone’s Responsibility
www.cddft.nhs.uk Key Learning Points What Information Governance is. What YOU need to do to make this work. Follow the Caldicott Guidelines Provide a Confidential Service Comply with the Law. Understand the Data Protection Act Principles Recognise a Freedom of Information Act request Follow the Records Management NHS Code. Keep Information Secure. Input Quality Information.
www.cddft.nhs.uk NHS IG Standards After serious losses of personal information, including the loss in 2007 of computer disks containing the names, addresses and bank details of 25 million child benefit claimants, the Government conducted a Data Handling Review (June 2008). This sets out mandatory measures for public bodies on protecting personal data such as staff training and committed the Government to publicly reporting progress on putting these measures into place.
www.cddft.nhs.uk NHS IG Standards • The first progress report of the UK Government’s Data Handling Review was published in January 2010 and noted the NHS progress in improving the following standards of information handling: • Performance management to push improvements. • Contracts with organisations being renegotiated to make sure confidentiality and security protections are in place. • Older computer systems being replaced with modern systems that have state of the art security. • Nearly one million encryption licences were in use under a nationally negotiated contract. • Encryption had been mandated for all patient data held on portable devices (e.g. memory sticks, laptops). • Online training was made available to over one million staff (e.g. IG training module). • The information governance framework and guidance had been further developed so that NHS organisations were clear about expected standards.
www.cddft.nhs.uk The NHS operating framework The Department of Health (DH) published an ‘Operating Framework’ which set out objectives for the NHS key themes included: •Organisations must meet all Information Governance requirements set out by DH by 31st March each year (the level of compliance is then reported to DH and Care Quality Commission) •Ensuring that all staff receive annual basic Information Governance training (through the online NHS IG Training Tool, Face to Face or Accredited Learning Package). •Reporting on the management of information risks •Publishing security breaches in annual reports.
www.cddft.nhs.uk CONFIDENTIALITY Personal Information Sensitive Personal Information Personal information is legally classed as sensitive when it makes reference to particular matters of an identifiable person, such as his/her health, ethnicity, religion, criminal record or sexual life. These are also listed in the Data Protection Act 1998. Other details, e.g. a person’s bank account details, DNA or finger prints are not listed in the Data Protection Act 1998 but are still regarded as sensitive because of the damage and distress that could be caused if they were not properly protected. The rules set out in the Data Protection Act only apply to information about living individuals – not the deceased. This differs to the common law duty of confidentiality which continues after the death of the patient. Information about an individual is personal information when it enables an individual to be identified. It is non-personal when it doesn’t. This isn’t always straightforward, e.g. a person’s name and address are clearly personal information when presented together, but an unusual surname may itself enable someone to be identified. This is an important distinction in law.
www.cddft.nhs.uk CONFIDENTIALITY Confidential Information – Health & Staff Information Personal and sensitive personal information is classed as confidential if it was provided in circumstances where an individual could reasonably expect that it would be held in confidence, e.g. a healthcare professional and patient. This applies to staff working on behalf of the health professional such as pharmacy / dental and eyecare staff. Confidentiality is accepted to extend after the death of the patient or staff member. Personal or Sensitive Information CAN be Confidential Information Whether information is confidential or not depends on the circumstances under which it was provided. If it is: private information about a person AND given to someone who has a duty of confidence AND expected to be used in confidence THEN IT IS CONFIDENTIAL INFORMATION.
www.cddft.nhs.uk Disclosing information Confidential information should not normally be used (which includes sharing and disclosing) unless one of the following criteria are met. 1. The person has given consent for the disclosure. For patients: • Consent may be implied for care purposes and related purposes that support or check the quality of care provided. • For other purposes consent should be specifically sought. 2. There is a legal basis which permits or requires disclosure of confidential information. 3. There are exceptional circumstances (e.g. investigation or prevention of serious crime) where the overriding public interest outweighs the duty of confidentiality.
www.cddft.nhs.uk Caldicott guardian •In 1997 a review was carried out into the use of patient identifiable information in the NHS. This was carried out because there were concerns about how patient information was being handled and transferred. •Dame Fiona Caldicott chaired the ‘Caldicott Review’. The report set out principles and recommendations for the security of patient information. •An important recommendation was that a senior clinician should be nominated in each NHS Trust to act as the Trust’s conscience for the uses of patient identifiable information. These senior clinicians are known as ‘Caldicott Guardians’. •In independent contractor organisations such as General Practice, Pharmacy, Dental Practice and Eye Care Services a person, normally the practice manager, will act as the ‘Information Governance Lead’ and coordinate Information Governance issues including the Caldicott principles and recommendations.
www.cddft.nhs.uk Six Caldicott principles The six Caldicott principles support the confidentiality and security controls on using patient information. The principles should be used whenever a use of confidential information is being considered and in particular when there is an intention to transfer confidential information to another organisation: 1. Justify the purpose for using confidential information. 2. Only use it when absolutely necessary. 3. Use the minimum required. 4. Access should be on a strict need-to-know basis. 5. Everyone must understand their responsibilities. 6. Everyone must understand and comply with the law.
www.cddft.nhs.uk NHS care record guarantee The National Information Governance Board is a statutory body which champions the confidentiality and security of health and social care services records, especially records containing clinical and care information. The Board published the NHS Care Record Guarantee in 2005. The Guarantee sets out rules that govern how patient information is used in the NHS. This includes: •people’s access to their own records •controls; monitoring and policing staff access to patient files •options that patients have to limit access •access in an emergency •what happens when someone cannot make decisions for themselves.
www.cddft.nhs.uk Data Protection Act 1998 UK law in the form of the Data Protection Act 1998 governs how organisations may use personal information (about living people), including how they acquire, store, share or dispose of it. The Information Commissioners Office (ICO) is the UK’s independent regulator set up to uphold the public’s information rights by promoting data privacy for individuals (and openness by public bodies). The ICO investigates complaints made by the public and provides guidance for the public and organisations. Under the Act, organisations that process personal information must notify the ICO (unless they are exempt). The organisations’ details are entered on a public register (available on the internet). Failure to notify is a criminal offence.
www.cddft.nhs.uk COMPLY WITH THE LAW Data Protection Act 1998 – It is your responsibility to understand the principles in relation to your role and the organisation. The Data Protection Principles - Personal data must be: 1. Processed fairly and lawfully 2. Processed for specified purposes 3. Adequate, relevant and not excessive 4. Accurate and up-to-date 5. Not kept for longer than necessary 6. Processed in accordance with the rights of data subjects 7. Protected by appropriate security (practical and organisational) 8. Not transferred outside the EEA without adequate protection
www.cddft.nhs.uk FREEDOM OF INFORMATION ACT Public Authorities (including NHS Trusts, Local Authorities, Dentists, Doctors, Eye Care Services and Pharmacists), are subject to the legal obligations of the Freedom of Information (FOI) Act 2000. Public Authorities have only 20 working days to respond to written information requests. This is the limit set out by law. Speak to your Line Manager if you are unsure about your organisation’s procedure for dealing with FOI requests. The Information Commissioners Office (ICO) is the independent regulator set up to uphold people’s information rights by promoting openness for public bodies. The CDDFT Freedom of Information Officer is JOANNA TYRELL (nee JENKINS)
www.cddft.nhs.uk NHS Constitution The NHS Constitution was first published on 21 January 2009 and was updated after public consultation in March 2010. It describes the principles of the NHS in England and the rights and responsibilities of patients, public and staff. One such right is that patients can expect the NHS to keep their confidential information safe and secure. All NHS bodies and private and third sector providers supplying NHS services are required by law to take account of the NHS Constitution in their decisions and actions. The NHS Constitution will be renewed every ten years.
www.cddft.nhs.uk HANDLING INFORMATION Holding it securely and confidentially Obtaining it fairly and efficiently Recording it accurately and reliably Using it effectively and ethically Sharing it appropriately and lawfully
www.cddft.nhs.uk If you are not sure or in doubt, don’t disclose. Immediately seek further advice from your Line Manager or The Caldicott Guardian
www.cddft.nhs.uk Follow the Records Management NHS Code of Practice Best Practice Guidance States: All Staff have a legal and professional obligation to be responsible for any records which they create or use in the performance of their duties. Any record created by an individual, up to the end of its retention period, is a public record and subject to Information requests (FOI, DPA and Subject Access).
www.cddft.nhs.uk Input Quality Information Right information, Right place, Right time Accuracy is just one quality that we expect in records. But other qualities are also needed for the information to be useful, e.g. it would be pointless having information which was 100% accurate but wasn’t available in time for it to be used. Information is used to make decisions throughout the health sector each day in all sorts of situations. Sometimes this information needs to be extremely high quality, such as quick and accurate test results to help decide a patient’s urgent condition and treatment. Other information may be less urgent or the level of accuracy may be less vital, such as an annual national comparison of ‘flu injections for forward planning. Whatever the situation, the right information should be in the right place at the right time - and that needs to be achieved every time. Poor quality information Poor quality information is bad for patient care, bad for funding and bad for reputation, e.g. Incomplete, inadequately analysed data can lead to serious failures in service. Poor demographic data results in duplicate and confused entries on patient record systems. Confused patient identity numbers can lead to the wrong patient being treated. Inadequate records lead to poorly planned care. Poor data results in poor commissioning, monitoring, planning and financing of services.
www.cddft.nhs.uk Input Quality Information High quality information The NHS takes Information Quality very seriously because the consequences can be vital to patient outcomes or, in the case of planning, result in too much or not enough service provision. High quality means: C omplete A ccurate R elevant A ccessible T imely
www.cddft.nhs.uk DON’T SHARE YOUR SMARTCARD OR PASSWORD “Can I borrow your Credit Card & PIN number?” “Of course you can!” Could you imagine having this conversation with a colleague?
www.cddft.nhs.uk BE AWARE
www.cddft.nhs.uk Major causes of breaches include • Information disclosed in error • Lost data/hardware • Information lost in transit • Stolen data or hardware • A technical or procedural failure • Breach arising from non-secure disposal SECURITY BREACHES
www.cddft.nhs.uk • Follow Organisation Policies • Protect Information Physically • Practice Password Management • Transfer Information Securely • Report Breaches of Security to Management Keep Information Secure It is your responsibility to keep all personal & sensitive information secure

Recommandé

Pros and cons of ehr
Pros and cons of ehrPros and cons of ehr
Pros and cons of ehr
Nortec Ehr
 
Patient Education ppt
Patient Education pptPatient Education ppt
Patient Education ppt
Pauline Zarling
 
KNOWLEDGE MANAGEMENT IN MEDICINE
KNOWLEDGE MANAGEMENT IN MEDICINE KNOWLEDGE MANAGEMENT IN MEDICINE
KNOWLEDGE MANAGEMENT IN MEDICINE
Society for Microbiology and Infection care
 
Health informatics
Health informaticsHealth informatics
Health informatics
Brian Wells, MD, MS, MPH
 
Standardized Terminologies for EHRs
Standardized Terminologies for EHRsStandardized Terminologies for EHRs
Standardized Terminologies for EHRs
Health Informatics New Zealand
 
Health care communication
Health care communicationHealth care communication
Health care communication
raveen mayi
 
Issues and challenges in electronic health records
Issues and challenges in electronic health recordsIssues and challenges in electronic health records
Issues and challenges in electronic health records
ronaldoyacatjr
 
Hospital Information Management System 24092010
Hospital Information Management System 24092010Hospital Information Management System 24092010
Hospital Information Management System 24092010
Seema Kavatkar
 

Recommandé

Pros and cons of ehr
Pros and cons of ehrPros and cons of ehr
Pros and cons of ehr
Nortec Ehr
 
Patient Education ppt
Patient Education pptPatient Education ppt
Patient Education ppt
Pauline Zarling
 
KNOWLEDGE MANAGEMENT IN MEDICINE
KNOWLEDGE MANAGEMENT IN MEDICINE KNOWLEDGE MANAGEMENT IN MEDICINE
KNOWLEDGE MANAGEMENT IN MEDICINE
Society for Microbiology and Infection care
 
Health informatics
Health informaticsHealth informatics
Health informatics
Brian Wells, MD, MS, MPH
 
Standardized Terminologies for EHRs
Standardized Terminologies for EHRsStandardized Terminologies for EHRs
Standardized Terminologies for EHRs
Health Informatics New Zealand
 
Health care communication
Health care communicationHealth care communication
Health care communication
raveen mayi
 
Issues and challenges in electronic health records
Issues and challenges in electronic health recordsIssues and challenges in electronic health records
Issues and challenges in electronic health records
ronaldoyacatjr
 
Hospital Information Management System 24092010
Hospital Information Management System 24092010Hospital Information Management System 24092010
Hospital Information Management System 24092010
Seema Kavatkar
 
Implementation in nursing process , an important nursing intervention
Implementation in nursing process , an important nursing interventionImplementation in nursing process , an important nursing intervention
Implementation in nursing process , an important nursing intervention
Deblina Roy
 
Clinical information system
Clinical information systemClinical information system
Clinical information system
NUR3563Team1
 
TRANSCULTURAL.pptx
TRANSCULTURAL.pptxTRANSCULTURAL.pptx
TRANSCULTURAL.pptx
Sapna Thakur
 
Nursing process,,,Assessment
Nursing process,,,AssessmentNursing process,,,Assessment
Nursing process,,,Assessment
Arifa T N
 
Privacy & confedentiality
Privacy & confedentialityPrivacy & confedentiality
Privacy & confedentiality
Hemang Patel
 
Nursing process
Nursing processNursing process
Nursing process
Ramesh Mordi
 
Final presentation patient satisfaction
Final presentation patient satisfactionFinal presentation patient satisfaction
Final presentation patient satisfaction
Jack Westgarth
 
Definition: Patient-Centered Care
Definition: Patient-Centered CareDefinition: Patient-Centered Care
Definition: Patient-Centered Care
Alexis Sheehy, MBA
 
Communication In Healthcare New
Communication In Healthcare NewCommunication In Healthcare New
Communication In Healthcare New
wraithxjmin
 
Communication ppt
Communication pptCommunication ppt
Communication ppt
RajikHussen1
 
Health Informatics and Patient Safety
Health Informatics and Patient SafetyHealth Informatics and Patient Safety
Health Informatics and Patient Safety
Health Informatics New Zealand
 
Health Information Management Overview
Health Information Management OverviewHealth Information Management Overview
Health Information Management Overview
Daphnee Fuentevilla
 
Stress and adaptation
Stress and adaptationStress and adaptation
Stress and adaptation
Flavia Dass
 
Patient's Bill of Rights
Patient's Bill of Rights Patient's Bill of Rights
Patient's Bill of Rights
BP KOIRALA INSTITUTE OF HELATH SCIENCS,, NEPAL
 
Health informatics
Health informatics Health informatics
Health informatics
yashwant ramawat
 
Hospital information system for Nurses
Hospital information system for NursesHospital information system for Nurses
Hospital information system for Nurses
Royal College of Nursing
 
Patient Centered Care: Investing in a Patient Education Solution
Patient Centered Care: Investing in a Patient Education SolutionPatient Centered Care: Investing in a Patient Education Solution
Patient Centered Care: Investing in a Patient Education Solution
Krames Patient Education
 
Clinical Pathways
Clinical PathwaysClinical Pathways
Clinical Pathways
pradhasrini
 
Health information system
Health information systemHealth information system
Health information system
SushantLuitel1
 
Patient record system
Patient record system Patient record system
Patient record system
SusymaryThomas
 
Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance booklet
Gerardo Medina
 
Data Privacy and consent management .. .
Data Privacy and consent management .. .Data Privacy and consent management .. .
Data Privacy and consent management .. .
ClinosolIndia
 

Contenu connexe

Tendances

Final presentation patient satisfaction
Final presentation patient satisfactionFinal presentation patient satisfaction
Final presentation patient satisfaction
Jack Westgarth
 
Definition: Patient-Centered Care
Definition: Patient-Centered CareDefinition: Patient-Centered Care
Definition: Patient-Centered Care
Alexis Sheehy, MBA
 
Communication In Healthcare New
Communication In Healthcare NewCommunication In Healthcare New
Communication In Healthcare New
wraithxjmin
 
Health Information Management Overview
Health Information Management OverviewHealth Information Management Overview
Health Information Management Overview
Daphnee Fuentevilla
 
Clinical Pathways
Clinical PathwaysClinical Pathways
Clinical Pathways
pradhasrini
 

Tendances (20)

Implementation in nursing process , an important nursing intervention
Implementation in nursing process , an important nursing interventionImplementation in nursing process , an important nursing intervention
Implementation in nursing process , an important nursing intervention
 
Clinical information system
Clinical information systemClinical information system
Clinical information system
 
TRANSCULTURAL.pptx
TRANSCULTURAL.pptxTRANSCULTURAL.pptx
TRANSCULTURAL.pptx
 
Nursing process,,,Assessment
Nursing process,,,AssessmentNursing process,,,Assessment
Nursing process,,,Assessment
 
Privacy & confedentiality
Privacy & confedentialityPrivacy & confedentiality
Privacy & confedentiality
 
Nursing process
Nursing processNursing process
Nursing process
 
Final presentation patient satisfaction
Final presentation patient satisfactionFinal presentation patient satisfaction
Final presentation patient satisfaction
 
Definition: Patient-Centered Care
Definition: Patient-Centered CareDefinition: Patient-Centered Care
Definition: Patient-Centered Care
 
Communication In Healthcare New
Communication In Healthcare NewCommunication In Healthcare New
Communication In Healthcare New
 
Communication ppt
Communication pptCommunication ppt
Communication ppt
 
Health Informatics and Patient Safety
Health Informatics and Patient SafetyHealth Informatics and Patient Safety
Health Informatics and Patient Safety
 
Health Information Management Overview
Health Information Management OverviewHealth Information Management Overview
Health Information Management Overview
 
Stress and adaptation
Stress and adaptationStress and adaptation
Stress and adaptation
 
Patient's Bill of Rights
Patient's Bill of Rights Patient's Bill of Rights
Patient's Bill of Rights
 
Health informatics
Health informatics Health informatics
Health informatics
 
Hospital information system for Nurses
Hospital information system for NursesHospital information system for Nurses
Hospital information system for Nurses
 
Patient Centered Care: Investing in a Patient Education Solution
Patient Centered Care: Investing in a Patient Education SolutionPatient Centered Care: Investing in a Patient Education Solution
Patient Centered Care: Investing in a Patient Education Solution
 
Clinical Pathways
Clinical PathwaysClinical Pathways
Clinical Pathways
 
Health information system
Health information systemHealth information system
Health information system
 
Patient record system
Patient record system Patient record system
Patient record system
 

Similaire à Information governance

Data Privacy and consent management .. .
Data Privacy and consent management .. .Data Privacy and consent management .. .
Data Privacy and consent management .. .
ClinosolIndia
 
Governance And Data Protection In The Health Sector - Billy Hawkes
Governance And Data Protection In The Health Sector - Billy HawkesGovernance And Data Protection In The Health Sector - Billy Hawkes
Governance And Data Protection In The Health Sector - Billy Hawkes
healthcareisi
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc
 
TrustArc Webinar: Level-Up Your Healthcare Privacy Program
TrustArc Webinar: Level-Up Your Healthcare Privacy ProgramTrustArc Webinar: Level-Up Your Healthcare Privacy Program
TrustArc Webinar: Level-Up Your Healthcare Privacy Program
TrustArc
 

Similaire à Information governance (20)

Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance booklet
 
Data Privacy and consent management .. .
Data Privacy and consent management .. .Data Privacy and consent management .. .
Data Privacy and consent management .. .
 
Data privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptxData privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptx
 
Governance And Data Protection In The Health Sector - Billy Hawkes
Governance And Data Protection In The Health Sector - Billy HawkesGovernance And Data Protection In The Health Sector - Billy Hawkes
Governance And Data Protection In The Health Sector - Billy Hawkes
 
Overview on data privacy
Overview on data privacy Overview on data privacy
Overview on data privacy
 
Things you need to know about info governance to sell healthtech products int...
Things you need to know about info governance to sell healthtech products int...Things you need to know about info governance to sell healthtech products int...
Things you need to know about info governance to sell healthtech products int...
 
Pdpa presentation
Pdpa presentationPdpa presentation
Pdpa presentation
 
Data protection and data integrity
Data protection and data integrity Data protection and data integrity
Data protection and data integrity
 
Data Privacy and Security in Clinical Trials: Safeguarding Patient Information
Data Privacy and Security in Clinical Trials: Safeguarding Patient InformationData Privacy and Security in Clinical Trials: Safeguarding Patient Information
Data Privacy and Security in Clinical Trials: Safeguarding Patient Information
 
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy RegulationThe U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
 
Protection of patient data in EU vs. US
Protection of patient data in EU vs. USProtection of patient data in EU vs. US
Protection of patient data in EU vs. US
 
Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
 
TrustArc Webinar: Level-Up Your Healthcare Privacy Program
TrustArc Webinar: Level-Up Your Healthcare Privacy ProgramTrustArc Webinar: Level-Up Your Healthcare Privacy Program
TrustArc Webinar: Level-Up Your Healthcare Privacy Program
 
Ethical Considerations for Healthcare Analytics Data Disposal.pdf
Ethical Considerations for Healthcare Analytics Data Disposal.pdfEthical Considerations for Healthcare Analytics Data Disposal.pdf
Ethical Considerations for Healthcare Analytics Data Disposal.pdf
 
Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018
 
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
 
What You Need to Know About Privacy
What You Need to Know About PrivacyWhat You Need to Know About Privacy
What You Need to Know About Privacy
 
What You Need To Know About Privacy - Now!
What You Need To Know About Privacy - Now!What You Need To Know About Privacy - Now!
What You Need To Know About Privacy - Now!
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
 

Plus de Gerardo Medina

Plus de Gerardo Medina (6)

How to use must
How to use mustHow to use must
How to use must
 
Nutrition and must
Nutrition and mustNutrition and must
Nutrition and must
 
Case law medicines management
Case law medicines managementCase law medicines management
Case law medicines management
 
The law and medicine management
The law and medicine managementThe law and medicine management
The law and medicine management
 
Return to professional practice drug calculation
Return to professional practice drug calculationReturn to professional practice drug calculation
Return to professional practice drug calculation
 
NMC handbook on Prep Requirements
NMC handbook on Prep RequirementsNMC handbook on Prep Requirements
NMC handbook on Prep Requirements
 

Dernier

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Dernier (20)

FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Plant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptxPlant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptx
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 

Information governance

  • 2. www.cddft.nhs.uk Key Learning Points What Information Governance is. What YOU need to do to make this work. Follow the Caldicott Guidelines Provide a Confidential Service Comply with the Law. Understand the Data Protection Act Principles Recognise a Freedom of Information Act request Follow the Records Management NHS Code. Keep Information Secure. Input Quality Information.
  • 3. www.cddft.nhs.uk NHS IG Standards After serious losses of personal information, including the loss in 2007 of computer disks containing the names, addresses and bank details of 25 million child benefit claimants, the Government conducted a Data Handling Review (June 2008). This sets out mandatory measures for public bodies on protecting personal data such as staff training and committed the Government to publicly reporting progress on putting these measures into place.
  • 4. www.cddft.nhs.uk NHS IG Standards • The first progress report of the UK Government’s Data Handling Review was published in January 2010 and noted the NHS progress in improving the following standards of information handling: • Performance management to push improvements. • Contracts with organisations being renegotiated to make sure confidentiality and security protections are in place. • Older computer systems being replaced with modern systems that have state of the art security. • Nearly one million encryption licences were in use under a nationally negotiated contract. • Encryption had been mandated for all patient data held on portable devices (e.g. memory sticks, laptops). • Online training was made available to over one million staff (e.g. IG training module). • The information governance framework and guidance had been further developed so that NHS organisations were clear about expected standards.
  • 5. www.cddft.nhs.uk The NHS operating framework The Department of Health (DH) published an ‘Operating Framework’ which set out objectives for the NHS key themes included: •Organisations must meet all Information Governance requirements set out by DH by 31st March each year (the level of compliance is then reported to DH and Care Quality Commission) •Ensuring that all staff receive annual basic Information Governance training (through the online NHS IG Training Tool, Face to Face or Accredited Learning Package). •Reporting on the management of information risks •Publishing security breaches in annual reports.
  • 6. www.cddft.nhs.uk CONFIDENTIALITY Personal Information Sensitive Personal Information Personal information is legally classed as sensitive when it makes reference to particular matters of an identifiable person, such as his/her health, ethnicity, religion, criminal record or sexual life. These are also listed in the Data Protection Act 1998. Other details, e.g. a person’s bank account details, DNA or finger prints are not listed in the Data Protection Act 1998 but are still regarded as sensitive because of the damage and distress that could be caused if they were not properly protected. The rules set out in the Data Protection Act only apply to information about living individuals – not the deceased. This differs to the common law duty of confidentiality which continues after the death of the patient. Information about an individual is personal information when it enables an individual to be identified. It is non-personal when it doesn’t. This isn’t always straightforward, e.g. a person’s name and address are clearly personal information when presented together, but an unusual surname may itself enable someone to be identified. This is an important distinction in law.
  • 7. www.cddft.nhs.uk CONFIDENTIALITY Confidential Information – Health & Staff Information Personal and sensitive personal information is classed as confidential if it was provided in circumstances where an individual could reasonably expect that it would be held in confidence, e.g. a healthcare professional and patient. This applies to staff working on behalf of the health professional such as pharmacy / dental and eyecare staff. Confidentiality is accepted to extend after the death of the patient or staff member. Personal or Sensitive Information CAN be Confidential Information Whether information is confidential or not depends on the circumstances under which it was provided. If it is: private information about a person AND given to someone who has a duty of confidence AND expected to be used in confidence THEN IT IS CONFIDENTIAL INFORMATION.
  • 8. www.cddft.nhs.uk Disclosing information Confidential information should not normally be used (which includes sharing and disclosing) unless one of the following criteria are met. 1. The person has given consent for the disclosure. For patients: • Consent may be implied for care purposes and related purposes that support or check the quality of care provided. • For other purposes consent should be specifically sought. 2. There is a legal basis which permits or requires disclosure of confidential information. 3. There are exceptional circumstances (e.g. investigation or prevention of serious crime) where the overriding public interest outweighs the duty of confidentiality.
  • 9. www.cddft.nhs.uk Caldicott guardian •In 1997 a review was carried out into the use of patient identifiable information in the NHS. This was carried out because there were concerns about how patient information was being handled and transferred. •Dame Fiona Caldicott chaired the ‘Caldicott Review’. The report set out principles and recommendations for the security of patient information. •An important recommendation was that a senior clinician should be nominated in each NHS Trust to act as the Trust’s conscience for the uses of patient identifiable information. These senior clinicians are known as ‘Caldicott Guardians’. •In independent contractor organisations such as General Practice, Pharmacy, Dental Practice and Eye Care Services a person, normally the practice manager, will act as the ‘Information Governance Lead’ and coordinate Information Governance issues including the Caldicott principles and recommendations.
  • 10. www.cddft.nhs.uk Six Caldicott principles The six Caldicott principles support the confidentiality and security controls on using patient information. The principles should be used whenever a use of confidential information is being considered and in particular when there is an intention to transfer confidential information to another organisation: 1. Justify the purpose for using confidential information. 2. Only use it when absolutely necessary. 3. Use the minimum required. 4. Access should be on a strict need-to-know basis. 5. Everyone must understand their responsibilities. 6. Everyone must understand and comply with the law.
  • 11. www.cddft.nhs.uk NHS care record guarantee The National Information Governance Board is a statutory body which champions the confidentiality and security of health and social care services records, especially records containing clinical and care information. The Board published the NHS Care Record Guarantee in 2005. The Guarantee sets out rules that govern how patient information is used in the NHS. This includes: •people’s access to their own records •controls; monitoring and policing staff access to patient files •options that patients have to limit access •access in an emergency •what happens when someone cannot make decisions for themselves.
  • 12. www.cddft.nhs.uk Data Protection Act 1998 UK law in the form of the Data Protection Act 1998 governs how organisations may use personal information (about living people), including how they acquire, store, share or dispose of it. The Information Commissioners Office (ICO) is the UK’s independent regulator set up to uphold the public’s information rights by promoting data privacy for individuals (and openness by public bodies). The ICO investigates complaints made by the public and provides guidance for the public and organisations. Under the Act, organisations that process personal information must notify the ICO (unless they are exempt). The organisations’ details are entered on a public register (available on the internet). Failure to notify is a criminal offence.
  • 13. www.cddft.nhs.uk COMPLY WITH THE LAW Data Protection Act 1998 – It is your responsibility to understand the principles in relation to your role and the organisation. The Data Protection Principles - Personal data must be: 1. Processed fairly and lawfully 2. Processed for specified purposes 3. Adequate, relevant and not excessive 4. Accurate and up-to-date 5. Not kept for longer than necessary 6. Processed in accordance with the rights of data subjects 7. Protected by appropriate security (practical and organisational) 8. Not transferred outside the EEA without adequate protection
  • 14. www.cddft.nhs.uk FREEDOM OF INFORMATION ACT Public Authorities (including NHS Trusts, Local Authorities, Dentists, Doctors, Eye Care Services and Pharmacists), are subject to the legal obligations of the Freedom of Information (FOI) Act 2000. Public Authorities have only 20 working days to respond to written information requests. This is the limit set out by law. Speak to your Line Manager if you are unsure about your organisation’s procedure for dealing with FOI requests. The Information Commissioners Office (ICO) is the independent regulator set up to uphold people’s information rights by promoting openness for public bodies. The CDDFT Freedom of Information Officer is JOANNA TYRELL (nee JENKINS)
  • 15. www.cddft.nhs.uk NHS Constitution The NHS Constitution was first published on 21 January 2009 and was updated after public consultation in March 2010. It describes the principles of the NHS in England and the rights and responsibilities of patients, public and staff. One such right is that patients can expect the NHS to keep their confidential information safe and secure. All NHS bodies and private and third sector providers supplying NHS services are required by law to take account of the NHS Constitution in their decisions and actions. The NHS Constitution will be renewed every ten years.
  • 16. www.cddft.nhs.uk HANDLING INFORMATION Holding it securely and confidentially Obtaining it fairly and efficiently Recording it accurately and reliably Using it effectively and ethically Sharing it appropriately and lawfully
  • 17. www.cddft.nhs.uk If you are not sure or in doubt, don’t disclose. Immediately seek further advice from your Line Manager or The Caldicott Guardian
  • 18. www.cddft.nhs.uk Follow the Records Management NHS Code of Practice Best Practice Guidance States: All Staff have a legal and professional obligation to be responsible for any records which they create or use in the performance of their duties. Any record created by an individual, up to the end of its retention period, is a public record and subject to Information requests (FOI, DPA and Subject Access).
  • 19. www.cddft.nhs.uk Input Quality Information Right information, Right place, Right time Accuracy is just one quality that we expect in records. But other qualities are also needed for the information to be useful, e.g. it would be pointless having information which was 100% accurate but wasn’t available in time for it to be used. Information is used to make decisions throughout the health sector each day in all sorts of situations. Sometimes this information needs to be extremely high quality, such as quick and accurate test results to help decide a patient’s urgent condition and treatment. Other information may be less urgent or the level of accuracy may be less vital, such as an annual national comparison of ‘flu injections for forward planning. Whatever the situation, the right information should be in the right place at the right time - and that needs to be achieved every time. Poor quality information Poor quality information is bad for patient care, bad for funding and bad for reputation, e.g. Incomplete, inadequately analysed data can lead to serious failures in service. Poor demographic data results in duplicate and confused entries on patient record systems. Confused patient identity numbers can lead to the wrong patient being treated. Inadequate records lead to poorly planned care. Poor data results in poor commissioning, monitoring, planning and financing of services.
  • 20. www.cddft.nhs.uk Input Quality Information High quality information The NHS takes Information Quality very seriously because the consequences can be vital to patient outcomes or, in the case of planning, result in too much or not enough service provision. High quality means: C omplete A ccurate R elevant A ccessible T imely
  • 21. www.cddft.nhs.uk DON’T SHARE YOUR SMARTCARD OR PASSWORD “Can I borrow your Credit Card & PIN number?” “Of course you can!” Could you imagine having this conversation with a colleague?
  • 23. www.cddft.nhs.uk Major causes of breaches include • Information disclosed in error • Lost data/hardware • Information lost in transit • Stolen data or hardware • A technical or procedural failure • Breach arising from non-secure disposal SECURITY BREACHES
  • 24. www.cddft.nhs.uk • Follow Organisation Policies • Protect Information Physically • Practice Password Management • Transfer Information Securely • Report Breaches of Security to Management Keep Information Secure It is your responsibility to keep all personal & sensitive information secure