What is Information Governance?
Good professional practice goes hand in hand with information governance.
Information Governance provides a framework to bring together all the legal rules, guidance and best practice that apply to the handling of information, allowing:
- implementation of central advice and guidance
- compliance with the law
- year on year improvement plans.
At its heart, Information Governance is about setting a high standard for the handling of information and giving organisations the tools to achieve that standard. The ultimate aim is to demonstrate that an organisation can be trusted to maintain the confidentiality and security of personal information, by helping individuals to practice good information governance and to be consistent in the way they handle personal and corporate information.
Information is a vital asset to the organisation but it also poses one of our greatest risks. It highlights the importance of protecting Personal/Patients information and promoting access to corporate information. It is therefore essential that as an organisation, when information is used, that it is handled in accordance with the CCG pdf Information Governance Handbook (1.03 MB) . This will ensure that all relevant legislative requirements are met. Staff have also received a pdf Information Governance Staff Briefing (332 KB) .
Policy Awareness and Compliance
The CCG has a responsibility to ensure that all staff are aware of the expectations placed upon them regarding how they use the information they come in to contact with as part of their work for the CCG. This may be information which identifies individuals, or which is “commercially sensitive” and would be detrimental to the organisation if its confidentiality was breached.
The CCG has put in place an pdf Information Governance Policy (517 KB) alongside the IG Handbook, which cover all aspects of Information Governance and will provide guidance and direction on how staff are expected to work with confidential information, and in doing so, ensure compliance with all relevant legislation.
Fair Processing Notice
Individuals must be informed, in general terms, how their information may be used by the CCG and the organisations or types of organisation it may be disclosed to. To achieve this, the CCG has produced a pdf Fair Processing Notice (466 KB) which will be displayed wherever members of the public may access the organisation, e.g. in Reception areas of buildings, on this website.
The Fair Processing Notice explains why the CCG may collect information about service users, how we will keep it secure, who we may share the information with, and the individuals rights under the Data Protection Act.
The CCG also have a pdf Fair Processing Notice for Staff (229 KB) to explain what information we may hold about them, how we will keep it secure and who it may be shared with. It also details the process in which staff should follow in order to gain access to this information.
The Data Protection Act 1998 requires every organisation that processes personal information to register with the Information Commissioner’s Office (ICO), unless they are exempt. Failure to do so is a criminal offence. Registration Certificate for South East Staffordshire and Seisdon Peninsula CCG.