Information Governance policies

Our information governance policies set out how we handle information, in particular personal and sensitive data.

Confidentiality and Data Protection Policy

This policy relates to the processing of personal information and to the management of personal information about staff, patients/service users. The CCG is required by law to comply with the Data Protection Act 1998, which is concerned with the lawful processing of information relating to living individuals. To comply with the law staff or others who process personal information must ensure they follow the Data Protection Principles and the Caldicott Principles. The obligation to keep information confidential arises out of the common law duty of confidentiality, professional obligations and staff/third party contracts. The NHS code of Practice: Confidentiality provides guidance to the NHS and related organisations. These duties and obligations mean that all staff with access to confidential personal information must keep that information safe and secure.

Data Quality Policy

Information Access policy

This policy relates to all information and records held by or on behalf of the CCGs whether computerised, paper or any other permanent storage media, including photographic, video and voice recordings and is supported by appropriate procedures to assist staff in complying with the CCGs statutory obligations. This policy will be available on the internet in line with the Guide to Information.

Information Access Policy

Information Governance and Information Risk Policy

Information Security policy

This policy document sets out the detailed procedures, rules and standards governing information security that all users of the CCG’s information systems must comply with. This policy document states the CCG’s commitment to information security and sets out the CCG’s overall approach to managing information security.

Information Security Policy

Records Management Policy and Strategy

This policy sets out the principles of records management for the CCG. It provides a framework for the consistent and effective management of records that is standards based and fully integrated with other information governance initiatives within the CCG. Records management is necessary to support the business of the CCG and to meet its obligations in terms of legislation and national guidelines.

Records Management Policy and Strategy