Information Governance ensures that one of the Trust's most important assets, information, in both clinical and management terms, is respected and held in secure and manageable conditions. Therefore it is of paramount importance that the Trust ensures that information is:
The Trust has put into place a range of appropriate policies, procedures and management arrangements to provide a robust framework for Information Governance to manage these aspects.
Our joint senior Information Risk Owner/ Information Governance Committee monitors the development of Policies and procedures to meet the current legislative framework. There is a Data Security and Protection Toolkit which consists of a number of assertions relating to the management of Information which is monitored by the Trust making evidence available and making an annual submission to NHS Digital. The Trust submitted the annual return and evidence in March 2019 and was awarded “substantial assurance” by Mersey Internal Audit Agency when audited.
Membership of the Joint SIRO/ Information Governance Committee comprises of: the Medical Director as Caldicott Guardian, Senior Information Risk Owner, Chief Clinical Information Officer, Head of Information Governance, Senior Nurse Management Representative, Information Security Manager, Adverse Incident Manager and nominated representatives from Corporate and Clinical specialties. Membership is also seconded as and when specific issues arise. The Committee meets bi-monthly and reports to the Executive Committee.
Data Security and Protection Toolkit
Budget and Expenditure
For 2019/20 the annual budget has been set at £292,404, with expenditure being used for registration fees with the Information Commissioners Office declaring the categories of information held and the reason for processing. Funding is also used to fund 5 members of staff relating to Information Governance, provide bespoke training and development in respect of Information Governance, Data Protection Act, Confidentiality for staff, Freedom of Information Act, General Data Protection Regulation.
The team also comprises of 2.8 wte Clinical Coders who are responsible for the translation of clinical diagnosis into the International Classification of Diseases statistical index. This information is used to assist the Trust in planning new facilities and for monitoring key clinical conditions nationally and by the World Health Organisation.
Policies and Procedures
Please visit the Trust Policy and Procedure page and look at the Information Management Technology and Governance section.
Current Policies are:
We provide the following:
Our major ongoing projects during 2019/20 are: continued training relating to Information Governance, addressing the Corporate Lifecycle agenda by undertaking Corporate Records Management Audits, monitoring and review of data loss/data breach incidents, mitigation of risks associated with data loss/data breach, identification of information assets and identification and mapping of data flows. The Trust continues to ensure compliance against the Data Security and Protection Toolkit assertions, and implementation of the new Data Protection Act 2018 and General Data Protection Regulation (GDPR).