Information Governance. and what it means for you
|
|
- Cecily Oliver
- 8 years ago
- Views:
Transcription
1 Information Governance and what it means for you 1
2 Content Introduction 3 Who are we? 4 What is Information Governance? 4 Purpose of Holding Information 5 Confidentiality and Security 5 Accuracy of Information Types of Information 6 Service User Information 9 Employee Information 10 Corporate Information 11 Access to Personal Information held by the Trust 13 Access to Corporate Information held by the Trust 15 Compliments, Complaints or Appeals 15 Further Information 2
3 Introduction Who are we? KMPT provides a number of different mental health services to people living in Kent and Medway. Our services are more specialised than services provided by General Practitioners. Most of our mental health services are provided through: Community based teams Outpatient clinics Inpatient units Community services and inpatient/outpatient units are generally split into services for adults and services for older people over local areas. In addition to our community and inpatient/outpatient services, we also provide a number of specialist services across the county and mental health services for people with a learning disability. We work as a partnership organisation for mental health services and our partners include: Clinical Commissioning Groups Commissioning Support Units General Practitioners (GPs) Ambulance Services Acute Hospital Trusts Mental Health Social Services More information about our services can be found on our website 3
4 What is Information Governance? Information governance is the term used to describe the principles, processes, legal and ethical responsibilities for managing and handling information. It sets the requirements and standards that health and social care organisations need to achieve to ensure they fulfill their obligations so that information is handled legally, securely, efficiently and effectively. This booklet has been prepared to advise individuals on what information we hold, how it is used by us and the rights available to individuals. Purpose of Holding Information All organisations are obliged to understand and document the purposes for which information is held. These are documented in something called a Data Protection Register Entry which is registered with the Information Commissioners Office (the body with responsibility for overseeing compliance). As an NHS Trust, we keep records relating to the purposes detailed above. These records help us to deliver our services and manage our activities and may be written down (manual/paper records) or be held on a computer in electronic form or as part of an information system. KMPT has identified the following reasons for holding and using information: to provide Healthcare Services to administer staff and employment records to keep Accounts and Records relating to our activities to take part in appropriate research within the Health Sector in Crime Prevention and Prosecution of Offenders in educating and training our staff to provide good quality services in establishing/maintaining membership of our Trust in auditing our services and preparing statistics on NHS performance in reviewing the care provided and ensuring services meet the needs of the users Electronic records will be held in digital form on servers and computers as well as removable media including USB memory stick and CDs. Electronic records include, but are not limited to databases, s, scanned files or images, word processed files, spread sheets, web pages and media clips. The security of electronic records is paramount to providing a confidential service and is controlled and governed on a need-to-know basis by a variety of methods including, but not limited to, passwords, smartcards and security tokens. Some of these reasons will involve using and sharing personal information which may identify individuals either as employees or service users. Some will be met through the use of anonymous or non-identifiable statistics or data. 4
5 Confidentiality and Security of Information Individuals entrust us with, or allow us to gather, sensitive information relating to their health, employment and other matters as part of their contact with our organisation. They do so in confidence and have a legitimate expectation that we will respect their privacy and act appropriately. It is essential that we provide a confidential service. PROTECT The provision of a confidential service is governed by law, policy, procedure and best practice. As an NHS Trust, we have a duty to ensure this confidentiality and the physical/electronic security of your information is maintained at all times. In order to do this we follow the model of confidentiality promoted by the Department of Health: PROTECT - we look after the personal information held by us; INFORM - we ensure individuals are aware of how their information is used; PROVIDE CHOICE - we allow individuals to decide, within the boundaries of the law, whether information can be disclosed or used in particular ways; and IMPROVE - we always look for better ways to protect, inform and provide choice. INFORM IMPROVE PROVIDE CHOICE From: DH/IPU/Patient Confidentiality (2003) Gateway Ref 1656 Confidentiality NHS Code of Practice pg 10 Accuracy of Information We have a duty to ensure your information is accurate and kept up-to-date. To do this, we undertake regular checks on the quality of the data we hold and will ask you at regular intervals to confirm your basic information, such as name, address, date of birth, ethnicity etc. is right. We may also take part in Information Quality Assurance Assessments with our partner organisations to ensure we deliver improvements in the quality of information we record about you. 5
6 Types of Information Service User Information When you make use of any of the Trust s services, it is important we have information about you in order to ensure you get the care and/or treatment appropriate to your needs. This information helps to ensure you receive the best possible care. It may be written down (manual/ paper records) or held on a computer. This will form what is called a health record commonly defined as a record consisting of information about the physical or mental health of an individual made by, or on behalf of, a health/social care professional in connection with the care of that individual. The type of information kept includes: Basic details such as name, date of birth, address, next of kin, ethnicity, disability, sexuality and gender Contacts we have had with you Notes and reports about your health and any treatment and care you need Details and records about the treatment and care you receive Results of any tests or investigations Relevant information from other health professionals, relatives or those who care for you How we use this information to help you Primarily this information is used to guide and administer the care you receive. It ensures that: All healthcare professionals involved in your care have accurate and up-to-date information We can contact you for appointments Information is available if you need to see another health professional within our Trust or be referred to a specialist in another part of the NHS We can assess the type and quality of care you receive Your concerns can be properly investigated if you need to complain 6
7 How we use this information to help the NHS We may also need to use your information to help the NHS. This includes: Looking after the health of the general public Being able to ensure your healthcare is paid for Ensuring our services meet patient needs Preparing statistics of NHS performance Reviewing the care provided to ensure it is of the highest standard Teaching and training healthcare professionals Conducting health research and development Auditing our services Where information is used for these purposes, we always take every care to ensure individuals cannot be identified. Anonymous statistical information may be shared with other organisations such as universities and research institutions where there is a legitimate interest. On some occasions, such as pre-screening for clinical research or the investigation/assessment into the provision of care or management of the Trust, it is not possible to use anonymous information and statutory authorities like the NHS Litigation Authority may want to see your records. Where this is the case and personal identifiable information is likely to be used and/or shared, we will ask your permission, unless the law requires us to share the information, when we will aim to advise you as soon as possible. Occasionally, we are asked to provide information to assist with training, education, research or audit. Any such requests are considered very carefully by the Trust s Caldicott Guardian (the officer with responsibility for safeguarding confidentiality) and information is usually provided in a form that does not identify individuals. If you wish to object to your records being made available during such activities, please notify the Trust. 7
8 Information Sharing We work as a partnership organisation for mental health services and may need to share some clinical information with other groups of professionals involved in the provision of care. Please be reassured, we will only use or pass on information where there is a genuine need for it. Your treatment and care may involve a team, which includes doctors, nurses, therapists, some administrative staff and other health and social care professionals, including your GP. Information about you may be shared to assist those who have an interest in your care or treatment. Your information will only be passed on to those who have a need-to-know and be shared in a secure manner. Your information may also be shared, subject to strict agreements describing how it will be used with: Social Services Local Authorities Voluntary Sector Providers Private Sector Providers We will not disclose your information to any other organisation without your permission unless there are exceptional circumstances, such as when the health or safety of yourself or others is at risk or where the law requires it to be passed on. We are required by law to report certain information to the appropriate authorities and occasions when this is the case include: Where we encounter infectious diseases which may endanger the safety of others such as meningitis or measles (but not HIV/ AIDS) Where a formal court order has been issued Where disclosure is necessary to protect either yourself or someone else from harm Whatever the reason for sharing information, we will ensure it is done so securely and lawfully. 8
9 Employee/Staff Information As an employee, or past employee of the Trust, we are obliged to retain information about you and your employment. This will include information such as your name, date of birth and address as well as more sensitive information such as your ethnicity, salary and bank details. We will also hold a personal file relating to your employment containing information about your absences and performance whilst an employee. These records may be written down (manual/ paper records) or held on a computer (electronic records). The content of your personal file will be retained securely by your Line Manager. However, in order to manage and administer your employment relevant information will be available to other departments such as Human Resources or Payroll. In addition, the Trust is obliged to provide various external bodies with some information such as HM Revenue and Customs, Pensions Agency etc. Your information will only be passed on to those who have a need-to-know and it will be shared in a secure manner, for example in the event of your employment transferring under TUPE regulations information will be shared with your new employer. How we use this information Primarily this information is used to administer your employment with us from recruitment to termination including pay, discipline, superannuation, work management, fitness to practice, professional registrations or other personnel matters. However, we may also need to use this information to help the NHS, including: NHS Reporting to the Department of Health or Strategic Health Authority Auditing our Services Where information is used for these purposes, we always take every care to ensure individuals cannot be identified. 9
10 Corporate Information Corporate records are records which relate to the corporate business of the Trust such as financial accounts, minutes and meeting papers, legal and other administrative documents. Corporate records may contain personal identifiable information, for example staff files or commercially sensitive information about the business of the Trust and such records are treated with the utmost care to their confidentiality and security. What is a Corporate Record? Corporate records can be made up of documents and records. These could be either in written/paper or electronic form. A document is defined as any item of information received or created by the Trust. A document is an evolving item of information which can be changed and is owned and managed by individuals e.g. working documents in draft form. A document or its contents could be held in any form or made up of any type e.g. text, image, video, audio, paper, electronic, physical (audio or video tape, architectural models etc.). Records are those documents which support and provide evidence of the activities of the Trust. They are the final versions of documents (master copy) and do not change e.g. policy documents, minutes of meetings. They are subject to retention periods to ensure information is retained only for as long as is necessary. How we use this information Corporate records are created in order to ensure that the Trust has the necessary information to deliver high quality services and provide evidence of their activities. It is the duty of each NHS body to establish and keep in place arrangements for the purposes of monitoring and improving the quality of health and social care provided by and for that body. 10
11 Access to Personal Information held by the Trust What are my rights? The Data Protection Act 1998, Access to Health Records Act 1990, Human Rights Act and the common law duty of confidence, all protect your privacy and your information. Under the Data Protection Act 1998 you have the right to apply for access to your records; this is known as a Subject Access Request or SAR. This applies to all records kept about you no matter when they were made. The Act relates to all organised identifiable information about living people, in all formats and regardless of how much of it there is. In the event that you wish to access health records relating to an individual who has passed away, the Access to Health Records Act 1990 would apply. The provisions are very similar to those in the Data Protection Act 1998 however, there are regulations surrounding who can make such a request as the information continues to be held under a duty of confidentiality. How do I apply? Applications to access records must be made in writing and sent to the Information Rights Office. You will be asked to provide evidence of your identity. How long will it take? We have an obligation to provide access to records within 40 calendar days, slightly less for those made under the Access to Health Records Act. This time period starts after we have received everything we need to process your request. How will my records be shown to me? When you make your application, you will be asked to confirm whether you want to view your records or receive copies. Viewings will take place at a mutually agreed date/time or photocopies can be sent to you. 11
12 Can someone else ask for my records? Your solicitor/representative, friend or family member can make the request for you. They will be required to provide your written authority/consent for us to liaise with and share this information with them on your behalf. Can I change my records? Where you consider there are inaccuracies on the record, you can ask the Trust to reconsider the entry and either make an amendment or add a note to the records stating your opinion. The Information Rights Department can advise you on this. What will it cost? For access to personal information (not including health records), a small administrative charge of 10 will be applied to each request. For access to health records the cost is dependent on when your records were last added to or an entry made within them and can range from nothing to a maximum of 50. Can I be refused access? It is very unlikely that you would be refused access to information about yourself. However, the Trust is obliged to approach any third parties who may have supplied information, such as relatives, private healthcare providers or other organisations, including those who have given references for employment purposes, and request their permission before passing this information to you. When asking for health records, there is a possibility that access will be refused or limited to only part of the records if: Your health professional thinks you or someone else could be harmed as a result; The information relates to, or was provided by, an identified individual apart from you or a health professional who has not given their permission to its release; or You are applying on behalf of someone who has died or is no longer capable of managing their own affairs but who originally gave the information on the understanding that it wouldn t be revealed later. 12
13 Access to Corporate Information held by the Trust The Freedom of Information Act and other related legislation, such as the Environmental Information Regulations 2000, came into force in 2005 and provides the right to request information from public authorities. The aim of the legislation is to promote trust and confidence in our public services, including the NHS, by providing clear information and being open about what we do. Will I be able to get access to all the Trust s information? The right to obtain information may be limited by some exemptions which are listed within the Act. The effect of the exemptions is that we may not be able to supply all or part of the information requested. If possible, we will supply the information requested with the exemption information removed. What information is already available? Our Publication Scheme is a complete guide to the information we hold and describes what is routinely published by us. It can be found on our website at If you do not have access to the internet, a copy of the Scheme can also be obtained from: Can I get access to information about myself or other patients? The Freedom of Information Act does not change the right of individuals to protect their confidentiality. Maintaining this right is an important commitment for us as an NHS Trust and, therefore, this type of information cannot be released under the Freedom of Information Act and requests received would be considered under the Data Protection Act The FOI Office St Michaels House St Michaels Road Sittingbourne ME10 3DW How can I apply for information under the Freedom of Information Act? You must make your request in writing including your name and a contact address so that we can respond to you. You do not need to tell us why you want the information but we will need enough information from you to correctly identify and find what you are looking for. Your request should be sent to: foi@kmpt.nhs.uk 13
14 How quickly must the information be provided to me? 2 The information must be provided within 20 working days. This time begins on the day your request has been received by the Trust Is there a charge for the information to be supplied? Ordinarily we will not charge to supply you with information however, the Act sets out an appropriate limit on the time spent to respond to a request for information. If we believe that this limit may be exceeded by the work required to retrieve or collate the information requested, we may choose to either refuse to continue with the request or charge for the information to be supplied. We will notify you as soon as possible if this is the case. How do I query any refusal to provide the information I have requested? If the Trust has refused to provide information, it will have also advised you of its reasons for doing so. If you do not agree with these reasons, you may apply to the FOI Office for an internal review of these reasons by an independent person. If you remain dissatisfied, you can also apply to the Complaints Manager to challenge the decision, see the section entitled Compliments, Complaints and Appeals. If you are still unhappy after your internal review and complaint have been concluded, you can contact the Information Commissioner. The Information Commissioner may order the disclosure if he feels that the refusal was not justified. 14
15 Compliments, Complaints and Appeals We are always looking at ways to improve our communication and the services provided by the Trust. As a result, you may find that you are asked to complete or take part in a satisfaction survey. We welcome your feedback and encourage the completion of such surveys if they are received. If you would like to request a decision to be reconsidered or make an appeal against the outcome of a request for information, please write to: The Information Rights Manager St Michaels House St Michaels Road Sittingbourne ME10 3DW If you would like to raise a concern or make a complaint about the way in which your enquiry has been handled or about our Publication Scheme, these should be made in writing and in the first instance addressed to: The Complaints Manager Trust Headquarters Farm Villa Hermitage Lane Maidstone Kent ME16 9PH You are also free to contact the Information Commissioner directly for advice or guidance or to further your concerns. They have responsibility for ensuring organisations comply with the legislation surrounding accessing both corporate and personal information and can be contacted at: The Information Commissioner Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Tel: casework@ico.gsi.gov.uk Further Information If you have any questions that this booklet does not answer for you, or would like to know more about Information Governance and how it affects you please contact the Information Rights Department on or write to us at St Michaels House, St Michaels Road, Sittingbourne ME10 3DW To ensure security and confidentiality, we are unable to give out identifiable information over the telephone and appreciate your understanding of this. KM
How To Share Your Health Records With The National Health Service
HOW WE USE YOUR PERSONAL INFORMATION Information Leaflet Your Health. Our Priority. Page 2 of 9 Introduction This Leaflet explains why the NHS collects information about you and how it is used, your right
More informationPatient Information Whose information is it anyway? Your health records
Patient Information Whose information is it anyway? Your health records Derriford Hospital Derriford Road Plymouth PL6 8DH Tel: 0845 155 8155 www.plymouthhospitals.nhs.uk Your health record We ask you
More informationThe Care Record Guarantee Our Guarantee for NHS Care Records in England
The Care Record Guarantee Our Guarantee for NHS Care Records in England January 2011, version 5 Introduction In the National Health Service in England, we aim to provide you with the highest quality of
More informationGuidance for Access to Health Records Requests under the Data Protection Act 1998
Guidance for Access to Health Records Requests under the Data Protection Act 1998 Version 1 July 2002 Version 2 June 2003 Guidance for Access to Health Records Requests under the Data Protection Act 1998
More informationQuick guide to the employment practices code
Data protection Quick guide to the employment practices code Ideal for the small business Contents 3 Contents Section 1 About this guidance 4 Section 2 What is the Data Protection Act? 5 Section 3 Recruitment
More informationThe Care Record Guarantee Our Guarantee for NHS Care Records in England
The Care Record Guarantee Our Guarantee for NHS Care Records in England Introduction In the National Health Service in England, we aim to provide you with the highest quality of healthcare. To do this,
More informationSUBJECT ACCESS REQUEST
DATA PROTECTION ACT 1998 SUBJECT ACCESS REQUEST Procedure Manual 1 Invest NI Subject Access Request Procedure Manual 1. Introduction 1.1 What is a Subject Access Request? 1.2 Routine Requests 1.3 What
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 003115/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 29 May 2013 Request under the Freedom of Information
More informationData Protection Policy
Data Protection Policy Introduction The Data Protection Act 1998 gives individuals the right to know what personal information is held about them. It provides a framework to ensure that the Office of the
More informationInformation Governance Policy
Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its
More informationInformation Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016
Information Assurance Policies and Guidance Information Governance Policy Document Version: v0.5 Review Date: 1 May 2016 Owner: Information Governance Manager 1 P a g e Document History Revision Version
More informationInformation Sharing Policy
Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed
More informationInformation Governance Policy
Information Governance Policy Reference: Information Governance Policy Date Approved: April 2013 Approving Body: Board of Trustees Implementation Date: April 2013 Version: 6 Supersedes: 5 Stakeholder groups
More informationGuidance for Access to Health Records Requests
Guidance for Access to Health Records Requests February 2010 1 DH INFORMATION READER BOX Policy HR / Workforce Management Planning / Clinical Document Purpose Gateway Reference Title Estates Commissioning
More informationAccess to Health Records
Access to Health Records Crown Heights Medical Centre Procedure Access to Health Records ACCESS TO MEDICAL RECORDS (DATA PROTECTION) POLICY INTRODUCTION The Access to Health Records Act 1990 gave individuals
More informationPrivacy Policy. January 2014
Privacy Policy January 2014 Privacy Policy Introduction This policy explains your rights as an individual when using services provided by Her Majesty s Passport Office. Our commitment to you Her Majesty
More informationHampstead Parochial CofE Primary School Data Protection Policy Spring 2015
Hampstead Parochial CofE Primary School Data Protection Policy Spring 2015 1. Introduction and Scope 1.1 The Data Protection Act 1998 is the law that protects personal privacy and applies to any school
More informationINFORMATION GOVERNANCE AND DATA PROTECTION POLICY
INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy
More informationContents. Section/Paragraph Description Page Number
- NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICAL NON CLINICA CLINICAL NON CLINICAL - CLINICAL CLINICAL Complaints Policy Incorporating Compliments, Comments,
More informationChild and Adult Services Subject Access Requests Guidance
Child and Adult Services Subject Access Requests Guidance This Guidance is not applicable to Access to Information requests about Adoption. For requests about Adoption please consult the Adoption and Children
More informationHERTSMERE BOROUGH COUNCIL
HERTSMERE BOROUGH COUNCIL DATA PROTECTION POLICY October 2007 1 1. Introduction Hertsmere Borough Council ( the Council ) is fully committed to compliance with the requirements of the Data Protection Act
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 010870/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 06 December 2013 Request under the Freedom
More informationYour Ref: Our Ref. Date: 19 June 2014
Policy and Corporate Support Adrian Gowan Policy and Corporate Support Manager Please ask for: Adrian Gowan Direct Line: (01322) 343418 Direct Fax: E-mail: adrian.gowan@dartford.gov.uk Your Ref: Our Ref
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 007907/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 04 November 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3
More informationComplaints Procedure for Health Services A Patient s Guide Help Us to Help You
Department of Health and Social Care Rheynn Slaynt as Kiarail y Theay National Health Service Complaints Procedure for Health Services A Patient s Guide Help Us to Help You May 2015 NH15 A Patient s Guide
More informationData Protection Policy
Data Protection Policy Version: 1.0 Date: October 2013 Table of Contents 1 Introduction The need for a Data Protection Policy... 3 2 Scope... 3 3 Principles... 3 4 Staff Roles & Responsibilities... 4 5
More informationHalton Borough Council. Privacy Notice
Halton Borough Council Privacy Notice Halton Borough Council is registered as a data controller under the Data Protection Act as we collect and process personal information about you. The information we
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 002425/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 5 May 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of Information
More informationData Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website
Data Protection Policy A copy of this policy is published in the following areas: The school s intranet The school s website Date created: November 2015 Date for review: July 2016 Created by: Mark Vanstone,
More informationData Subject Access Request Procedure
Data Subject Access Request Procedure Policy ID IG07 Version: 2.0 Ratified by: Executive Committee Name of originator/author: Justin Dix, Governing Body Secretary Name of responsible committee/individual:
More informationSchedule 10 Provisions Governing the Relationship between NHS Work, Private Practice and Fee Paying Services
Schedule 10 Provisions Governing the Relationship between NHS Work, Private Practice and Fee Paying Services 1. This Schedule should be read in conjunction with the Code of Conduct for Private Practice,
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 002085/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 20 April 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of
More informationPERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE
PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE ADOPTED ON 9 th January 2008 TABLE OF CONTENTS Page No. 1 Introduction...3 2 Glossary...3 3 Types of Personal Data held by Us...3 4 Obligations
More informationSouthmead and Henbury Family Practice Patient Access to Medical Records - Information Leaflet
Patient Access to Medical Records - Information Leaflet Access to Health Records under the Data Protection Act 1998 The Data Protection Act 1998 gives every living person, or an authorised representative,
More informationCORK INSTITUTE OF TECHNOLOGY
CORK INSTITUTE OF TECHNOLOGY DATA PROTECTION POLICY APPROVED BY GOVERNING BODY ON 30 APRIL 2009 INTRODUCTION Cork Institute of Technology is committed to a policy of protecting the rights and privacy of
More informationHow To Get A Health Insurance Policy From Mybupa
Information Handling Policy February 2015 Page 1 1. Introduction 1.1 About Bupa In this document, we, us, our and Bupa refers to Bupa Australia Pty Ltd (ABN 81 000 057 590) and its related entities and
More informationCredit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information
Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information INTRODUCTION Privacy legislation establishes legal privacy rights for individuals and sets enforceable
More informationPolicies and Procedures
NHS Blood and Transplant Policies and Procedures Information Charter [POL13] 2 Policy Reference Title Approved by This document replaces version issued June 2008 [POL13] NHSBT Information Charter Information
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 000880/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 28 February 2013 Request under the Freedom
More informationSubject Access Request, Procedure, Guidance and Information
Subject Access Request, Procedure, Guidance and Information Updated: July 2015 Page 1 of 61 CONTENTS 1. Introduction 5 2. Legal Context 5 3. Subject Access Request to Personal Records Guidance 6 Guidance
More informationData Protection and Data security Policy
Data Protection and Data security Policy Statement of policy and purpose of Policy 1. Somer Valley Community Radio Ltd (the Employer) is committed to ensuring that all personal information handled by us
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 006253/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 07 October 2015 Request under the Freedom
More informationEnvironmental Information Regulations POLICY STATEMENT
Environmental Information Regulations POLICY STATEMENT Implementation Date: 1 February 2014 Next review Date: 1 February 2016 DOCUMENT CONTROL Document History Version Date Changes 2.00 18 November 2013
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 000520/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 3 April 2013 Request under the Freedom of
More information10 Questions About Hiring and Resignation
Executive Corridor Darlington Memorial Hospital Hollyhurst Road Darlington DL3 6HX Switchboard Tel: 01325 38 0100 Foundation Trust Office: 01325 74 3625 Corporate Records Office: 01325 74 3700 Request
More informationFREEDOM OF INFORMATION REQUEST
FREEDOM OF INFORMATION REQUEST Request Number: F-2013-05371 Keyword: Operational Policing Subject: Unmanned Aerial Systems (UAS) Purchased By PSNI 2012-2013 Request and Answer: Question 1 The number of
More informationResearch Governance Standard Operating Procedure
Research Governance Standard Operating Procedure The Management and Use of Research Participant Data for Secondary Research Purposes SOP Reference: Version Number: 01 Date: 28/02/2014 Effective Date: Review
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 007228/12 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 14 January 2013 Request under the Freedom
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 003668/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 9 July 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of Information
More informationPOLICY & PROCEDURES INFORMATION & CLIENT RECORD MANAGEMENT
POLICY & PROCEDURES INFORMATION & CLIENT RECORD MANAGEMENT March 2015 Table of Contents INFORMATION & CLIENT RECORDS MANAGEMENT POLICY #01... 4 PRIVACY POLICY... 4 POLICY STATEMENT... 4 PROCEDURE... 5
More informationBupa Schools Scheme Looking after what s most important
Provided by Bupa Schls Scheme Lking after what s most important bupa.co.uk/schlscheme The subscription rate is 67.50 per child each term and applies for membership year 1 September 2015 to 31 August 2016.
More informationINFORMATION GOVERNANCE STRATEGY
INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying
More informationSOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September 2015. Information Governance Manager
SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY Report to the Trust Board 22 September 2015 Sponsoring Director: Author: Purpose of the report: Key Issues and Recommendations: Director
More informationDATA PROTECTION POLICY
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
More informationQUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt
QUEENSLAND COUNTRY HEALTH FUND privacy policy Queensland Country Health Fund Ltd ABN 18 085 048 237 better health cover shouldn t hurt 1 2 contents 1. Introduction 4 2. National Privacy Principles 5 3.
More informationHuman Resources and Data Protection
Human Resources and Data Protection Contents 1. Policy Statement... 1 2. Scope... 2 3. What is personal data?... 2 4. Processing data... 3 5. The eight principles of the Data Protection Act... 4 6. Council
More informationBridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015
Bridget Rankin Principal Pharmacist, Medicines Information Guy s & St. Thomas NHS Foundation Trust April 2015 Aim of the Session Identify legal and ethical problems that may be encountered when providing
More informationSubject Access Request Policy
Subject Access Request Policy Version Version 4.0 Ratified By Date Ratified 24th February 2015 Author(s) Responsible Committee / Officers Date Issue February 2015 Quality, Performance and Finance Committee
More informationRick Parsons Information Governance Officer County Hall 01865 323593 rick.parsons@oxfordshire.gov.uk
Rick Parsons Information Governance Officer County Hall 01865 323593 rick.parsons@oxfordshire.gov.uk 1 THE DATA PROTECTION ACT 1998 2 Requirements of the Act Roles & Responsibilities Best Practice 3 The
More informationData Protection Act a more detailed guide
Data Protection Act a more detailed guide What does the Act do? The Data Protection Act 1998 places considerable duties on organisations which process personal data; increases the rights of access by data
More informationCBHS HEALTH FUND LIMITED PRIVACY POLICY
1. Policy Statement CBHS Health Fund Limited ABN 87 087 648 717 (CBHS) is committed to maintaining the privacy of individuals whose information we collect in accordance with the Australian Privacy Principles
More information2. Scope 2.1 This policy covers all the activities and processes of the University that uses personal information in whatever format.
University of Westminster Personal Data Protection Policy For Compliance with the Data Protection Act 1998 1. Background 1.1 The Data Protection Act 1998 (DPA) defines personal data as data and information
More informationADMINISTRATIVE MANUAL Policy and Procedure
ADMINISTRATIVE MANUAL Policy and Procedure TITLE: Privacy NUMBER: CH 100-100 Date Issued: April 2010 Page 1 of 7 Applies To: Holders of CDHA Administrative Manual POLICY 1. In managing personal information,
More informationFreedom of Information Policy Version 6.0
Freedom of Information Policy Lead executive Name / title of author: Date reviewed: September 2015 Chief Nurse, Executive Director for Risk and Governance Colin Owen, Information Governance and Data Security
More informationMaking a complaint in the independent healthcare sector. A guide for patients
Contents 1. Introduction pages 3 5 2. Local Resolution Stage One pages 6 8 3. Complaints Review Stage Two page 9 4. Independent External Adjudication Stage Three pages 10 11 2 The Patients Association
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 000498/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 18 February 2013 Request under the Freedom
More informationHow to see your Health Records
How to see your Health Records NHS Eileanan Siar Western Isles Who is this leaflet for? It is for people who use the NHS in Scotland. People using private healthcare services can see their health records
More informationCORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH
CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH These notes are designed to be used in conjunction with the core training PowerPoint slides. The purpose of the
More informationI would also be grateful to receive the name of the contact we should liaise with.
Your ref: Our ref: FOI 12/0880 Department of Energy & Climate Change Head of HR Policy 55 Whitehall London SW1A 2EY London SW1A 2HD E: @decc.gsi.gov.uk www.decc.gov.uk 6 July 2012 RE: FOI 12/0880 Further
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationData Protection Policy
Data Protection Policy Version: V1 Ratified by: Operational Management Executive Committee Date ratified: 26 September 2013 Name and Title of originator/author(s): Chris Brady, FOI, Data Protection and
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title
More informationData Sharing Protocol
Data Sharing Protocol Agreement for Sharing Data Between Partners of the South Dublin Childrens Services Committee Version 0.4 Final Draft June 2009 Contents 1 Preface...3 2 Introduction & Overview...3
More informationCBHS HEALTH FUND LIMITED PRIVACY POLICY
1. Policy Statement CBHS Health Fund Limited ABN 87 087 648 717 (CBHS) is committed to maintaining the privacy of individuals whose information we collect in accordance with the Australian Privacy Principles
More informationInformation Governance Framework. June 2015
Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 005851/12 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 1 November 2012 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom
More informationROYAL AUSTRALASIAN COLLEGE OF SURGEONS
1. SCOPE This policy details the College s privacy policy and related information handling practices and gives guidelines for access to any personal information retained by the College. This includes personal
More informationWhat you should know about Data Quality. A guide for health and social care staff
What you should know about Data Quality A guide for health and social care staff Please note the scope of this document is to provide a broad overview of data quality issues around personal health information
More informationPACIFIC EXPLORATION & PRODUCTION CORPORATION (the Corporation )
PRIVACY POLICY (Initially adopted by the Board of Directors on November 16, 2007) PACIFIC EXPLORATION & PRODUCTION CORPORATION (the Corporation ) The Corporation is committed to controlling the collection,
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Data Protection Policy Version: 3 Reference Number: CO59 Keywords: Data, access, principles, protection, Act. Data Subject, Information Supersedes Supersedes:
More informationGuidance on health and character
Guidance on health and character Who is this document for?... 2 About the structure of this document... 2 Section 1: Introduction... 4 About us (the HPC)... 4 How we are run... 5 About registration...
More informationPolicy and Procedure for Handling and Learning from Feedback, Comments, Concerns and Complaints
Policy and Procedure for Handling and Learning from Feedback, Comments, Concerns and Complaints Author: Shona Welton, Head of Patient Affairs Responsible Lead Executive Director: Endorsing Body: Governance
More informationnationalcarestandards
nationalcarestandards dignity privacy choice safety realising potential equality and diversity SCOTTISH EXECUTIVE Making it work together nationalcarestandards dignity privacy choice safety realising potential
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationPRIVACY POLICY. Privacy Statement
PRIVACY POLICY Privacy Statement Blue Care is one of Australia's leading providers of retirement living, community health, help at home services and aged care homes, caring for more than 12,500 people
More informationYour duties as a registrant. How to complete your continuing professional development profile
Your duties as a registrant How to complete your continuing professional development profile Contents About this document 1 Section 1: Submitting your CPD profile 2 Auditing the CPD of health and care
More informationScotland s Commissioner for Children and Young People Records Management Policy
Scotland s Commissioner for Children and Young People Records Management Policy 1 RECORDS MANAGEMENT POLICY OVERVIEW 2 Policy Statement 2 Scope 2 Relevant Legislation and Regulations 2 Policy Objectives
More informationAlign Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved.
Align Technology Data Protection Binding Corporate Rules Controller Policy Contents INTRODUCTION 3 PART I: BACKGROUND AND ACTIONS 4 PART II: CONTROLLER OBLIGATIONS 6 PART III: APPENDICES 13 2 P a g e INTRODUCTION
More informationData Protection and Privacy Policy
Data Protection and Privacy Policy 1. General This policy outlines Conciliation Resources commitments to respect the privacy of people s personal information and observe the relevant data protection legislation.
More informationJOB DESCRIPTION. Enhanced CRB with Both Barred Lists Check
JOB DESCRIPTION JOB TITLE: Service Manager (Access) BAND: Agenda for Change Band (Band 8b) HOURS AND: DURATION As specified in the job advertisement and the Contract of Employment AGENDA FOR CHANGE (reference
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 002793/13 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP Tel: 101 Ext 800 2507 Fax: 0115 967 2896 23 April 2013 Request under the Freedom of
More informationScottish Rowing Data Protection Policy
Revision Approved by the Board August 2010 1. Introduction As individuals, we want to know that personal information about ourselves is handled properly, and we and others have specific rights in this
More informationThe kinds of personal information we collect and hold vary depending on the services we are providing, but generally can include:
ABN 47 001 768 190 AFSL 244526 Our Privacy Policy At Capital Insurance Brokers, we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian
More informationWSIC Integrated Care Record FAQs
WSIC Integrated Care Record FAQs How your information is shared now Today, all the places where you receive care keep records about you. They can usually only share information from your records by letter,
More informationPRIVACY POLICY. comply with the Australian Privacy Principles ("APPs"); ensure that we manage your personal information openly and transparently;
PRIVACY POLICY Our Privacy Commitment Glo Light Pty Ltd A.C.N. 099 730 177 trading as "Lighting Partners Australia of 16 Palmer Parade, Cremorne, Victoria 3121, ( LPA ) is committed to managing your personal
More informationRECORDS MANAGEMENT POLICY
RECORDS MANAGEMENT POLICY Version 8.0 Purpose: For use by: This document is compliant with /supports compliance with: To outline the lifecycle of a record and to provide guidance on retention and disposal
More informationA Guide to Making a Power of Attorney. (Extracts from the official guide of the Office of the Public Guardian (Scotland))
A Guide to Making a Power of Attorney (Extracts from the official guide of the Office of the Public Guardian (Scotland)) Introduction This guide is for individuals who wish to appoint one or more persons
More informationData Protection Act. Privacy & Security in the Information Age. April 26, 2013. Ministry of Communications, Ghana
Data Protection Act Privacy & Security in the Information Age April 26, 2013 Agenda Privacy in The Information Age The right to privacy Why We Need Legislation Purpose of the Act The Data Protection Act
More information