1 / 26

Information Governance, Love it or Hate it!

Information Governance, Love it or Hate it!. Norman Pottinger Information Governance Manager. Admin and Introductions. Fire alarms Please turn off or silence mobile phones There will be a break for coffee No hand-outs but I will send the slides to Sam if you want a copy. Objectives.

yehuda
Download Presentation

Information Governance, Love it or Hate it!

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Information Governance,Love it or Hate it! Norman Pottinger Information Governance Manager

  2. Admin and Introductions • Fire alarms • Please turn off or silence mobile phones • There will be a break for coffee • No hand-outs but I will send the slides to Sam if you want a copy

  3. Objectives • To support the IG on-line training tool • Give you some more “local” guidance • Help you to understand wider implications of Information Governance • Keep you and your employers out of jail! • Answer (if I can) your questions

  4. Quiz • On your own or in pairs, or groups – your choice • Just take ten minutes to do this • We will discuss your answers at the end of the session

  5. What is Information governance? • All and anything to do with information • Data Protection Act • Freedom of Information • Caldicott (1 and 2) • Human Rights • Records Management • Information Security • Data Quality

  6. Data Protection Act 1998 • European Legislation • 8 principles • Covers Personal Data and Sensitive Data • Test! • Define Personal Data • Define Sensitive Data • Gives rights to individuals (Data Subjects) • Responsibility is personal

  7. First Principle • “Personal Data shall be processed fairly and lawfully” • Fair processing notices • No surprises • Access to personal data must be restricted and appropriate

  8. If you get it wrong • A member of staff working in a GP practice illegally looked at the records of more than a thousand patients. As a result he was fined for a breach of the Data Protection Act. • Total fine over £1000 • The Information Commissioner has fined an ex GP's receptionist for accessing a patients notes. The receptionist from a practice in Hampshire looked up details of her ex husbands new wife on a number of occasions. • Total fine over £1100 • NHS England (formally the NHS Commissioning Board) are having to pay a £200,000 fine because NHS Surrey (whose services have moved to NHS England) failed to ensure that PCs they arranged to be "cleaned" by a third party were being sold on still containing patient identifiable information. • An ex-employee of University Hospitals of Leicester NHS Trust has been convicted of computer misuse after inappropriately accessing patient records. They received a six-month custodial sentence.

  9. Caldicott 1 and 2 • Caldicott review 1997 • Reviewed use of and access to patient records • Established the role of the Caldicott Guardian • Original 6 principles • Caldicott “2” 2013 • Clarified the H&SCA 2012 in relation to PCD • Tasked NHS England and the HSCIC with providing more guidance and clarity • 26 recommendations – all accepted by the department of Health • Added a 7th principle

  10. Caldicott Principles • Justify the purpose • Don’t use patient confidential data (PCD) unless it is absolutely necessary • Use the minimum that is necessary • Access to PCD should be on a strict need to know basis • Everyone with access to PCD should be aware of their responsibilities • Comply with the Law • The duty to share information can be as important as the duty to protect patient confidentiality

  11. Information Security • Principle 7 of the Data Protection Act • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

  12. Information Security • Password Controls • Policies • Locked cabinets • “Hidden” VDU screens • Secure e-mail

  13. Passwords Passwords are like underpants. They should be changed regularly, they are best kept hidden, and they shouldn’t be shared.

  14. Good or bad • onedirection • 1direction • tbbbitw • tN1bbitw • Nj89219*nel(m,LKH

  15. To save or not to save?

  16. Data Disclosure • Could be a criminal offence • Easily Done • Normally done by accident

  17. Secure e-mail • @anyhospital.nhs.uk • @nhs.net • @hotmail.com • @gp-d82973.nhs.uk

  18. Summary Care Record • Populate a central register of all patients • Summary only (although enhanced data may be uploaded later) • Available to all clinicians • Primary use of data (for direct patient care) • Patients can opt-out

  19. Care.Data (HSCIC) • NOW DELAYED UNTIL OCTOBER 2014 • Populate a central record of all patients • Contains full patient records (read coded items) • Data is anonymised or pseudonymised within the HSCIC • Links primary care to secondary care data • Collection of data is given legal basis under the H&SCA • Data is for secondary use (i.e. not direct patient care) • GPs and Patients DO NOT have a legal right to opt out

  20. Quiz Let’s review the answers

  21. Any Questions?

More Related