Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Governance Sylvia Reynolds Senior Resources Officer / Information Governance Manager.

Published byClaud Miles Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Governance Sylvia Reynolds Senior Resources Officer / Information Governance Manager."— Presentation transcript:

1 Information Governance Sylvia Reynolds Senior Resources Officer / Information Governance Manager

2 What is Information Governance? Information Governance is an overarching term that we use to cover managing information that is held in any form – i.e. creation, handling, sharing storing and disposal Benefits Knowledge/Change Management Reduce physical and electronic storage space Enable mobile / home working Reduce risks Better service to the public Data Protection Freedom of Information Environmental Information Information Security Information Sharing Records Management Regulation of Investigatory Powers Act 2000 Information Strategy/Policies National Information Standards

3 Ownership and Responsibility The Council, elected members, employees and partnering organisations all have a duty to ensure that both business and personal information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible services Information Commissioner has power to issue monetary penalties of up to £500,000

4 IT- Destruction - Brighton and Sussex University Hospitals NHS Trust fined £325,000. Personal data of tens of thousands of patients and staff on hard drives sold on internet Email to wrong recipients 3 times - Surrey County Council fined £120,000 – group email, 361 addresses. Fax to wrong recipients twice - Hertfordshire County Council was fined £100,000 - Child sex abuse. Unencrypted laptop - Sheffield-based A4e provides information on employment and starting a business 24,000 people affected - fined £60,000. Paper Records Theft from Home - Barnet £70,000 - names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children or young people. Social worker took the paper records home to work on them out of hours. ICO Penalties Issued

5 Prosecutions Individuals – criminal or malicious intent can be fined up-to £5000 A Slough letting agent obtained details about their tenants from an employee at Slough Borough Council - Used by the company to chase up their tenant’s outstanding debts Selling Personal Information- A&E reception NHS patient information - to personal injury claims company. Receptionist at a GP Surgery- on 15 separate accessing ex husbands new wife medical records Call for custodial sentences Call for compulsory Data Protection audits

6 Incidents 2 Significant incidents 50 More incidents in 2012 Data Protection Audit – Limited Assurance Actions required ICO Action Plan Corporate ownership Awareness/Training Standardisation Enforcement Information Amnesty Risks in Middlesbrough

7 Roles & Responsibilities Senior Information Risk Owner - Set strategic direction,Ensures there is accountability throughout the Council Information Governance Manager – Develop corporate standards and policies, operational advice/guidance to staff Information Working Group - Agreeing an ongoing programme of work to improve Information Governance within their department and within the Council Audit - ensure compliance against corporate Standards/Policies

8 Information Governance Team Monitor ICO /Audit Action Plans Information Requests - Supporting Service Areas Compliance audits Policy reviews Incident management Advise on investigations. Information Commissioner’s Complaints Mandatory Training Programme Develop an Information Strategy Develop a Corporate Information Sharing Protocol Facilitate a more proactive approach to developing standards, liaison with the Caldicott Guardians, ICT and transformation projects. Monitor and authorise RIPA Applications

9 Cases/Requests2012 Data Protection/Subject Access Requests 42 Freedom of Information/Environmental Information 1064 Information Security Incidents 52 RIPA applications 24

10 Further Information

11 END

12 EXAMPLES OF MBC INCIDENTS CAUSETYPE DATA CarBreak in to car window when it was parked and double locked but unattended. ID badge, an entry Fob, a diary containing 11 patients initials 8 of which also had their addresses & a notebook containing initials and assessment details of patent's/service users Memory Stick Partner information - Transferred to a third party unencrypted lap top Forensic Social care Files containing sensitive personal data of 24 service users total of 216 docs. EmailEmail & attachment to wrong internal group e-mail address - approx 150 recipients Child Protection / Domestic Violence Referral Filing Cabinet Files found in stored furniture redundant after office move Confidential Youth offending case files Hard drive Staff Personal hard drive sold on Ebay Containing CFL client information Partner Laptop theft - Domiciliary Care provider - Allied - broken into and 2 laptops stolen. Names and addresses of Social care clients in receipt of domiciliary care. Allied's IT support have assured them all data is safe need pin numbers and are encrypted.

13 EXAMPLES OF MBC INCIDENTS CAUSETYPE DATA Manual Transporting Information Gust of wind blew document out of technician's hand - unable to retrieve Sensitive personal data re a client and a name and work details of an employee Brief case An open briefcase found at the Deaf Centre. Details of 6 children with disabilities. Letter Sent to wrong addressSensitive personal data - core assessment form CourierBox of approximately 20 children’s case files left in a corridor by a courier when office it was addressed to was locked. Children's case files for archive

Download ppt "Information Governance Sylvia Reynolds Senior Resources Officer / Information Governance Manager."

Similar presentations

THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.

THE DEPARTMENT OF HEALTH AND HUMAN SERVICES (HHS) OFFICE FOR CIVIL RIGHTS (OCR) ENFORCES THE HIPAA PRIVACY, SECURITY, AND BREACH NOTIFICATION RULES HIPAA.
Information Governance, Love it or Hate it!

Information Governance, Love it or Hate it!
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
Introduction to Information Governance (IG)

Introduction to Information Governance (IG)
Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.
A Safe Church Safeguarding children and adults who may be vulnerable Diocesan Policies, Procedures and Guidelines Material compiled by Jill Sandham, Diocesan.

A Safe Church Safeguarding children and adults who may be vulnerable Diocesan Policies, Procedures and Guidelines Material compiled by Jill Sandham, Diocesan.
A Safe Church Safeguarding children and adults who may be vulnerable Diocesan Policies, Procedures and Guidelines for PCCs, 2009. Material compiled by.

A Safe Church Safeguarding children and adults who may be vulnerable Diocesan Policies, Procedures and Guidelines for PCCs, Material compiled by.
Health Records Management Practitioner

Health Records Management Practitioner
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, TRAINING /DATA PROTECTION LAW.

International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, TRAINING /DATA PROTECTION LAW.
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.

1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
Confidentiality & Records Management. What is Information Governance? What is Records Management?

Confidentiality & Records Management. What is Information Governance? What is Records Management?
Information Governance

Information Governance
Information Governance in Commissioning Mental Health Commissioners Collaborative.

Information Governance in Commissioning Mental Health Commissioners Collaborative.
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA HIPAA Basic.

HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making.

Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making.

Similar presentations

Ads by Google