Information Governance
All Trust employees who, Held securely and confidentially, Obtained fairly and efficiently, Recorded accurately and reliably, Used effectively and ethically and Shared appropriately and lawfully (H.O.R.U.S) all types of personal data in any form, must ensure that they comply with the Data Protection Legislation (Data Protection Act 2018 and UK General Data Protection Regulation 2021 (GDPR)). Any Personal Identifiable Data held in manual or electronic records in a retrievable form is classed as a database and all databases must be registered under the Data Protection Act (DPA). This process is known as notification, and a Data Notification and Data Mapping Form must be completed. For research projects please complete the RMS; any other project please complete the forms on Cherwell: STH - View My Registrations - Service Desk
Policies
There are various Information Governance policies, procedures and codes of practice in place to help and guide staff to ensure processing of personal data is in line with the different laws and regulations such as:
Data Protection Policy
Information Governance Policy
Mandated Procedure for the Secure Transfer of Personal Confidential Data and other Sensitive Information
Confidentiality Staff Code of Conduct
The list is not exhaustive, full details are available here: Information Governance (micro guide.global)
Department for Information Governance, Caldicott & SIRO Support (IGCS)
IGCS handles all aspects of the Information Governance Assurance Framework (IGAF), and has a direct supporting role for both the Caldicott Guardian and the Senior Information Risk Owner (SIRO). In the first instance please direct all queries to IGCS, contact below.
Contacts
To ensure prompt processing of your application please address all correspondence to the following email: sth.infogov@nhs.net
The Department for IGCS2 Claremont Place |
|
Page updated November 2022
