Nomination of IM&T Lead and Caldicott Guardian .

1. Components 3 & 4 IM&T DES Checklist Component 1 Component 2 Nomination of IM&T Lead and Caldicott Guardian. Click here for guidance on the Caldicott Guardians Responsibilities. Work through the Information Governance Toolkit. Click Here for more information on registering and specific requirements Paperlight Approval This will be by way of self assessment. Click Here for the Policy and self assessment questionnaire Run e-Audits and upload data to CHART Online What do I do with the queries in Chart? Click here for further guidance Click here for instructions how to upload your data. You will be required to upload quarterly. This will be used to assess the progress you have made. The IM&T DES does not insist on perfect data however any anomalies must be justified during the visit. Conduct TNAs on all practice staff (clinical and non-clinical) producing individual Training Plans for every member of the practice team involved with the operation of IT systems. Click here for more specific requirements for Staff Training • Information Governance & Required Policies • Prior to the Accreditation visit you will be required to submit evidence of the following • Registration with the Data Protection Act • Use of Smart Cards – Policy developed for component 1 • An effective, validated data recovery process • The nomination of a trained Caldicott Guardian who performs the role appropriately • All alleged breaches of data security are investigated promptly and efficiently Ensure every member of staff who is to have access to the clinical system is authenticated and registered with a smart card and knows how to use it (including role based access for all terminals, with no terminals being used by a staff member on another staff member’s card). Ensure a process is in place for staff changeover. Click here for an example Smart Card Policy Please note: If you are having problems accessing the linked documents please contact Chris Beyer at chris.beyer@warkpct.nhs.uk

2. Accreditation Visit IM&T DES Checklist Component 3 Component 4 • The Practice needs to demonstrate to the satisfaction of the PCT that it has working procedures operating within the practice to ensure the validation of patient addresses and other relevant details • All reasonable steps are taken to ensure that the addresses held for patients are complete and correct • Procedures ensure that patient’s addresses are correct when patients are referred for services outside the practice • All instances of conflicting information regarding its patients are investigated • An example Address Validation Policy is available here Migration to CfH Hosted System Practices will receive a further payment of 22p/ registered patient, at the start of the quarter in which the migration to the NHS CfH accredited hosted system is successfully completed Prepare for the Electronic Prescription Service (EPS), by accessing training, identifying changes in working practice and amending standard operating procedures. Utilise EPS software (latest release). Ensure patients are informed (via practice leaflets, etc.) about any local changes forprescription collection arrangements.

3. Back to Checklist The Accreditation Visit • When? • The Accreditation visit can take place anytime between March and 31 December 2008. You will be required to notify the PCT when you are ready for your assessment. The Assessment will be split into 3 stages. • Practice Submission • The Practice will be required to submit the following policies/evidence for review in advance of the visit. • Registration with the Data Protection Act • Smart Card User Policy including role based access • An effective, validated data recovery policy • Data Entry & Maintenance Policy • Evidence of Trained Caldicott Guardian • Opportunistic Address Validation Policy (for Component 3) • New User / Locum Pack supporting consultation and data entry • Any breaches of data security have been investigated • 2. e-Audit Queries • Upload of CHART data to CHART online quarterly. This will be used to assess data quality. • 3. Practice Visit • The Assessors will visit the practice to discuss your data quality and any concerns subsequent to CHART data or documents submitted. Further details on this including patient consent can be found in the IM&T DES Ready Reckoner spreadheet.

4. Back to Checklist Information Governance Information Governance Requirements for the IM&T DES The Information Governance Toolkit is an aid in the production of the relevant IG criteria defined by the IM&T DES. The toolkit can be found at http://www.igt.connectingforhealth.nhs.ukThe Accreditation visit will not include a detailed assessment of the toolkit itself, however will require the practice to have registered and completed the assessment to a satisfactory standard. For more details on this click here. The criteria as defined by the IM&T DES is as following; 1) The Practice is Registered under the Data Protection Act 2) The practice complies with laws on data access, including role based access for all terminals, ensuring that no terminals are used by staff member on another staff member’s card. (Smart Card Policy) 3) The Practice has effective, validated data recovery processes 4) The Practice has a nominated and trained Caldicott Guardian who performs the role appropriately 5) Alleged breaches of data security are investigated promptly and efficiently

5. Back to Checklist Staff Training Training Needs Analysis (TNAs) and Linked Training Plans All staff involved in the operation of IT Systems within the surgery need to undergo a Training Needs Assessment (TNA) and linked training plan.There are a number of templates you can use for this. • A national tool has been developed by PRIMIS+ which can found on the PRIMIS+ website. To download this program firstly Click here and then under the ‘tools for practices section’ click on ‘IM&T DES Practice IT Knowledge and Skills Training Needs Assessment Software and Instructions’. You may be asked to register with PRIMIS+ before you can download the tool. • A tool has been developed by the PCT which is slightly easier to use. This can be found here. You can alter this to meet your Practices needs. No matter which tool you use (can be your own) you will need to provide evidence that all members of staff using computers have undergone this training needs analysis and have a linked plan. When the training has been completed the member of staff will be required to keep a log of the training including the date and a signature by the staff member. Training can be performed ‘in house’ (by another staff member) or externally to the practice.

6. Back to Checklist ‘CHART’ & ‘CHART Online’ What is CHART & CHART online CHART has been developed by GPs as a tool to assess the quality of a snap-shot of data from the clinical system. CHART uses MIQUEST queries (e-Audit) to gather data that gives an indication of the quality of data on the system. These queries are then upload to CHART Online (anonymous data only) and can be compared to other practices within the area to assess prevalence. All practice data is kept anonymous. To download the CHART software please contact Bev Martin or Chris Beyer at the PCT on 01926 493 491 ext 447. If you have run the queries in CHART and are now ready to upload the information to Chart online then please contact Chris or Bev and they will guide you through the process. Alternatively instructions are available for this here. CHART Queries The CHART e-Audit queries are designed to promote discussion within the practice around the processes involved in Data Entry and Read coding. The results from the e-Audit tool within CHART will be subject to validation at the assessment visit where justification will be sought for patients not fitting into the designated criteria.