+44 (0)1273 25 28 27NHS Information Governance Services
Information Governance relates to the way organisations ‘process’ or handle information. It covers personal information, i.e., that relating to patients/service users and employees, and corporate information, e.g., financial and accounting records.
Information Governance provides a way for employees to deal consistently with the many different rules about how information is handled, including those set out in:
- The General Data Protection Regulation
- The Common Law Duty of Confidentiality
- The Confidentiality NHS Code of Practice
- The NHS Care Record Guarantee for England
- The Social Care Record Guarantee for England
- ISO 27002 Information technology – Security techniques – Code of practice for information security controls
- The Information Security NHS Code of Practice
- The Records Management NHS Code of Practice
- The Freedom of Information Act 2000
Our NHS Information Governance Services
We are proud to be one of the most experienced companies in the UK in advising and auditing NHS Trusts on information governance and security, as well as auditing their Commercial Third Parties (CTP) and service providers e.g. GP practices, pharmacies, etc.
We have advised, consulted, implemented, delivered training and audited all aspects of the Information Governance toolkit to over 50 NHS Trusts.
We provide:
- Training and support for Caldicott Guardians and Senior Information Risk Officers (SIRO)
- Information Asset Owners (IAO) and Information Asset Administrators (IAA)
- Implement local monitoring of and accountability for national standards
- Clear and enforceable practice in relation to all providers to the NHS, including independent providers/Commercial Third Parties
- Contractual requirements for all staff (including staff not employed by the NHS)
- Information Governance toolkit assurances
Benefits of NHS Information Governance
- Effective information governance
- Public confidence that the electronic NHS is secure
- Necessary safeguards for appropriate use of patient and personal information
- Demonstration of clarity, accountability, transparency, coherence and consistency
- Provision of sound policy, standard-setting, independent oversight and monitoring
- Standards of practice for confidentiality and patient consent to information sharing
- Technical assurance of the safeguards protecting patient data, through clear guidelines
If you have an information security question or would like to hear from one of our consultants, please call us now
+44 (0)1273 25 28 27
info@astoninfosec.co.uk
Aston Information Security are Information Security consultants that specialise in assurance, audits, supply chain cyber security, data protection and risk management consultancy.
