Information Governance Sylvia Reynolds Senior Resources Officer / Information Governance Manager.

Slides:



Advertisements
Similar presentations
THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.
Advertisements

Information Governance, Love it or Hate it!
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Introduction to Information Governance (IG)
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
A Safe Church Safeguarding children and adults who may be vulnerable Diocesan Policies, Procedures and Guidelines Material compiled by Jill Sandham, Diocesan.
A Safe Church Safeguarding children and adults who may be vulnerable Diocesan Policies, Procedures and Guidelines for PCCs, Material compiled by.
Health Records Management Practitioner
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, TRAINING /DATA PROTECTION LAW.
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
NAU HIPAA Awareness Training
Confidentiality & Records Management. What is Information Governance? What is Records Management?
Information Governance
Information Governance in Commissioning Mental Health Commissioners Collaborative.
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
Data Protection for Church of Scotland Congregations
New Data Regulation Law 201 CMR TJX Video.
Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making.
Practical Information Management
Information Governance Jym Bates Head of Information Assurance.
Handling information 14 Standard.
NHS England & Customer Contact Centre FOI Introduction 2013.
Hertfordshire Partnership NHS Foundation Trust Safeguarding Adults & Children Board Presentation Lorraine Wiener & Jemima Burnage 19 th October 2011.
SOCIAL PRESCRIBING WORKSHOP 4 th December Social prescribing in Bexley Funded by CCG and Council Lots of support politically Initial pilot in Clocktower.
1 Freedom of Information (Scotland) Act 2002 A strategic view.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Privacy and Information Management ICT Guidelines.
Recordkeeping for Councillors
Information Governance Policies. Business Support and Corporate Information Resources Team… Working to create a knowledge led organisation Information.
Information Commissioner’s Office Sheila Logan Operations and Policy Manager Information Commissioner’s Office Business Matters 20 May 2008.
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
Local Government Reform and Compliance with the DPA Ken Macdonald Assistant Commissioner (Scotland & Northern Ireland) Information Commissioner’s Office.
Data Protection Property Management Conference. What’s it got to do with me ? As a member of a management committee responsible for Guiding property you.
Your health record How the local NHS uses and protects the information held about you Other ways that your records may be used Your local NHS services.
12/12/2015 Data Protection Act /12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal.
SCHOOLS FINANCE OFFICERS MEETINGS Records Management, “Paper-Lite” Environments and Procedures when a school closes Elizabeth Barber.
1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.
Introduction to Information Governance (IG) Mark Scallan – Head of IG/Data Protection Officer Angela Kaye – IG Officer.
Organizing a Privacy Program: Administrative Infrastructure and Reporting Relationships Presented by: Samuel P. Jenkins, Director Defense Privacy Office.
RECORDS MANAGEMENT TRAINING. WHAT HAS RECORDS MANAGEMENT GOT TO DO WITH ME? Records management is everyone’s responsibility. The three examples which.
INFORMATION GOVERNANCE AND CONFIDENTIALITY Information Governance Facilitator.
University Retention Schedule Training. Introduction to the University Retention Schedule.
WESTERN PA CHAPTER OF THE AMERICAN PAYROLL ASSOCIATION – NOVEMBER 4, 2015 Risk Management for Payroll.
Information Security January What is Information Security?  Information Security is about the physical security of our equipment and networks as.
Data protection for commissioners Vicky Cetinkaya, Senior Policy Officer, Strategic Liaison Katie Hanrahan, Lead Auditor, Good Practice 2 July 2015.
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
ContactPoint Implementation update ISA Steering Group 11 th November 2009.
Introduction to Data Protection Plan »Brief Introduction to Data Protection  Example  Principles  P3, 4, 7  Sensitive Data  Conditions for Processing.
Handling Personal Data & Security of Information Paula Trim, Information Officer, Children’s Strategic Services, Mon – Thurs 9:15-2:15.
POLICIES & PROCEDURES FOR HANDLING CONFIDENTIAL INFORMATION NOVEMBER 5 TH 2015.
Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.
Information Governance A refresher for all staff who have previously gone through the full course.
Protecting PHI & PII 12/30/2017 6:45 AM
INFORMATION GOVERNANCE
Data Protection Session
HIPAA Basic Training for Privacy and Information Security
Chapter 3: IRS and FTC Data Security Rules
Data Protection Scenarios
INFORMATION GOVERNANCE
New Data Protection Legislation
HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT
Information for Patients Please return to reception
Information management and communication
INFORMATION GOVERNANCE
Understanding Data Protection
Move this to online module slides 11-56
Handling information 14 Standard.
Presentation transcript:

Information Governance Sylvia Reynolds Senior Resources Officer / Information Governance Manager

What is Information Governance? Information Governance is an overarching term that we use to cover managing information that is held in any form – i.e. creation, handling, sharing storing and disposal Benefits Knowledge/Change Management Reduce physical and electronic storage space Enable mobile / home working Reduce risks Better service to the public Data Protection Freedom of Information Environmental Information Information Security Information Sharing Records Management Regulation of Investigatory Powers Act 2000 Information Strategy/Policies National Information Standards

Ownership and Responsibility The Council, elected members, employees and partnering organisations all have a duty to ensure that both business and personal information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible services Information Commissioner has power to issue monetary penalties of up to £500,000

IT- Destruction - Brighton and Sussex University Hospitals NHS Trust fined £325,000. Personal data of tens of thousands of patients and staff on hard drives sold on internet to wrong recipients 3 times - Surrey County Council fined £120,000 – group , 361 addresses. Fax to wrong recipients twice - Hertfordshire County Council was fined £100,000 - Child sex abuse. Unencrypted laptop - Sheffield-based A4e provides information on employment and starting a business 24,000 people affected - fined £60,000. Paper Records Theft from Home - Barnet £70,000 - names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children or young people. Social worker took the paper records home to work on them out of hours. ICO Penalties Issued

Prosecutions Individuals – criminal or malicious intent can be fined up-to £5000 A Slough letting agent obtained details about their tenants from an employee at Slough Borough Council - Used by the company to chase up their tenant’s outstanding debts Selling Personal Information- A&E reception NHS patient information - to personal injury claims company. Receptionist at a GP Surgery- on 15 separate accessing ex husbands new wife medical records Call for custodial sentences Call for compulsory Data Protection audits

Incidents 2 Significant incidents 50 More incidents in 2012 Data Protection Audit – Limited Assurance Actions required ICO Action Plan Corporate ownership Awareness/Training Standardisation Enforcement Information Amnesty Risks in Middlesbrough

Roles & Responsibilities Senior Information Risk Owner - Set strategic direction,Ensures there is accountability throughout the Council Information Governance Manager – Develop corporate standards and policies, operational advice/guidance to staff Information Working Group - Agreeing an ongoing programme of work to improve Information Governance within their department and within the Council Audit - ensure compliance against corporate Standards/Policies

Information Governance Team Monitor ICO /Audit Action Plans Information Requests - Supporting Service Areas Compliance audits Policy reviews Incident management Advise on investigations. Information Commissioner’s Complaints Mandatory Training Programme Develop an Information Strategy Develop a Corporate Information Sharing Protocol Facilitate a more proactive approach to developing standards, liaison with the Caldicott Guardians, ICT and transformation projects. Monitor and authorise RIPA Applications

Cases/Requests2012 Data Protection/Subject Access Requests 42 Freedom of Information/Environmental Information 1064 Information Security Incidents 52 RIPA applications 24

Further Information

END

EXAMPLES OF MBC INCIDENTS CAUSETYPE DATA CarBreak in to car window when it was parked and double locked but unattended. ID badge, an entry Fob, a diary containing 11 patients initials 8 of which also had their addresses & a notebook containing initials and assessment details of patent's/service users Memory Stick Partner information - Transferred to a third party unencrypted lap top Forensic Social care Files containing sensitive personal data of 24 service users total of 216 docs. & attachment to wrong internal group address - approx 150 recipients Child Protection / Domestic Violence Referral Filing Cabinet Files found in stored furniture redundant after office move Confidential Youth offending case files Hard drive Staff Personal hard drive sold on Ebay Containing CFL client information Partner Laptop theft - Domiciliary Care provider - Allied - broken into and 2 laptops stolen. Names and addresses of Social care clients in receipt of domiciliary care. Allied's IT support have assured them all data is safe need pin numbers and are encrypted.

EXAMPLES OF MBC INCIDENTS CAUSETYPE DATA Manual Transporting Information Gust of wind blew document out of technician's hand - unable to retrieve Sensitive personal data re a client and a name and work details of an employee Brief case An open briefcase found at the Deaf Centre. Details of 6 children with disabilities. Letter Sent to wrong addressSensitive personal data - core assessment form CourierBox of approximately 20 children’s case files left in a corridor by a courier when office it was addressed to was locked. Children's case files for archive

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.