Information Governance

What is Information Governance?

Information Governance provides a framework that brings together all the requirements, standards and best practice that apply to the handling of personal information, ensuring that all information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible care to patients. Specifically it is concerned with how we hold, obtain, retrieve, use and store person identifiable data.

Information Governance relates to the proper use, control, security, and confidentiality of information. The work of Information Governance is directed, by and large, by statutory and policy directives by which organisations must abide.

The principal directives are:

• Caldicott recommendations relating to confidentiality, the use of patient-related data and the procedures and processes that must be in place to protect it. A programme of assessment and improvement must be introduced and reported.
• The General Data Protection Regulation 2016 lays down the statutory requirements for the processing of information about people by which all organisations and individuals must abide.
• Other relevant directives include the Freedom of Information Act; Access to Health Records Act; Environmental Information Regulations and the NHS Code of Confidentiality.

The Caldicott guardian for the trust is Dr Anne-Louise Schokker, medical director

The senior information risk owner (SIRO) for the trust is Ceri Lennon, director of people and innovation

Fair processing notice

Visit the fair processing notice webpage to see how we use your information.