Our information governance policies set out how we handle information, in particular personal and sensitive data.
Information Governance policies
This policy relates to the processing of personal information and to the management of personal information about staff, patients/service users. The CCG is required by law to comply with the Data Protection Act 1998. To comply with the law staff or others who process personal information must ensure they follow the Data Protection Principles and the Caldicott Principles. The obligation to keep information confidential arises out of the common law duty of confidentiality, professional obligations and staff/third party contracts. The NHS code of Practice: Confidentiality provides guidance to the NHS and related organisations.
This policy is designed to ensure that the importance of data quality within the CCGs is disseminated to all staff. It will describe the meaning of data quality, who is responsible for its maintenance and how it can continue to improve in the future. Although this policy relates to patient/service user data and information, the principles included are applicable to any other data/information staff may encounter i.e. recording of minutes, etc.
This policy document sets out the detailed procedures, rules and standards governing information security that all users of the CCG’s information systems must comply with. This policy document states the CCG’s commitment to information security and sets out the CCG’s overall approach to managing information security.
This policy sets out the principles of records management for the CCG. It provides a framework for the consistent and effective management of records that is standards based and fully integrated with other information governance initiatives within the CCG. Records management is necessary to support the business of the CCG and to meet its obligations in terms of legislation and national guidelines.