Information governance - Your information
What is information governance?
Why is information governance important?
Information governance (IG) is the way in which the NHS handles all of its information, in particular the personal and sensitive information relating to patients and employees.
It provides a framework to ensure that personal information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible care.
It also offers NHS employees a clear structure to deal consistently with the many different rules about how information is handled, including those set out in:
- The Data Protection Act 1998;
- The Common Law Duty of Confidentiality;
- The Confidentiality NHS Code of Practice;
- The NHS Care Record Guarantee for England;
- The Social Care Record Guarantee for England;
- The Information Security NHS Code of Practice;
- The Records Management NHS Code of Practice;
- The Freedom of Information Act 2000.
Ensuring that our staff and clinical leaders are suitably equipped to manage this important area of work is a key priority for NHS NEW Devon CCG and integral to our capacity to deliver on plans to build local trust. The penalties for breaking data protection and associated laws can be significant:
- The penalties for breaking data protection and associated laws can be significant. Organisations can be fined up to £500,000 for each breach or subject to other sanctions
- Individuals responsible for breaches may be subject to disciplinary action that can result in dismissal
- Staff morale can be hit – and reputations which organisations have worked hard to build over many years can take even longer to rebuild among local communities.
Simple oversights can lead to these consequences:
On 6 August 2012 a monetary penalty of £175,000 was issued to Torbay Care Trust after sensitive personal information relating to 1,373 employees was published on the trust’s website.
A Fair Processing notice is a written statement that individuals are given when information is collected about them. As a minimum, a privacy notice should tell people who we are, what we are going to do with their information and who it will be shared with.
This leaflet explains why information is collected about you and the ways in which this information may be used by the CCG.
The information governance statement of compliance (IG SoC) is the process by which organisations enter into an agreement with HSCIC for access to the NHS National Network (N3).
NHS NEW Devon CCG have gained approval status. More information can be found within the certificate below: