INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK

Similar documents
NHS SOUTH NORFOLK CLINICAL COMMISSIONING GROUP COMMUNICATIONS AND ENGAGEMENT STRATEGY

Information Governance Policy

Herts Valleys Clinical Commissioning Group. Review of NHS Herts Valleys CCG Constitution

Merton Clinical Commissioning Group Constitution. [29 May] 2012

Appointment of External Auditors

Continuing Healthcare Patient Choice and Resource Allocation Policy

Accountable Officer Report

NHS HMR CCG and NHS England Primary Care Joint Commissioning Committee 2015/16

NHS Bedfordshire Clinical Commissioning Group Constitution. December 2012 version 7

Lambeth Clinical Commissioning Group

Mansfield & Ashfield Clinical Commissioning Group Newark & Sherwood Clinical Commissioning Group DISCIPLINARY POLICY

Collaboration Agreement

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: Safeguarding Policy Data Protection Policy

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: T:Drive. Safeguarding Policy Data Protection Policy

Protection of Privacy Policy

GOVERNING BODY MEETING in Public 25 April 2018 Agenda Item 3.2

Supporting Notes to the CCG Model Constitution

Workforce and Governing Body Members Equality Information (incorporating the WRES progress report) For further information please contact:

NHS South Kent Coast. Clinical Commissioning Group. Complaints, Comments and Compliments Policy

Terms of Reference for the UK Research and Innovation Audit, Risk, Assurance and Performance Committee

SAFEGUARDING ADULTS FRAMEWORK. Prevention and effective responses to neglect, harm and abuse is a basic requirement of modern health care services.

Patient Choice and Resource Allocation Policy. NHS South Warwickshire Clinical Commissioning Group (the CCG)

Policies for the Commissioning of Health and Healthcare

INTERMODAL PLANNING COMMITTEE TERMS OF REFERENCE

An interpretation of NHS England s Primary Care Co-commissioning: Regional Roadshows questions and answers Rachel Lea, Beds & Herts LMC Ltd

headspace Bairnsdale Private Practitioners: Model for Operations and Support

The UNISDR Global Science & Technology Advisory Group for the implementation of the Sendai Framework for Disaster Risk Reduction UNISDR

Health & Safety Policy Statement

GSA SUMMARY REPORT OF EQUALITY CONSIDERATION AND ASSESSMENT OF EQUALITY IMPACT. PGT Ethics Policy. New: Existing/Reviewed: Revised/Updated:

NHS Lanarkshire s Equal Pay Statement and Pay Information 2017

Personal Medical Services (PMS) Contract Review Update

Led by clinicians, accountable to local people. East Lancashire Clinical Commissioning Group: Equality & Inclusion Annual Report

City and Hackney CCG Clinical Governance Framework. Approved by the CCG Board November 2014

Herefordshire CCG Patient Choice and Resource Allocation Policy

General Manager Assurance and Risk Management in Oakton;

JOINT PRIMARY CARE COMMISSIONING COMMITTEES

NHS South Tees Clinical Commissioning Group. Governing Body. Agenda Item:

NHS Vale of York CCG TURNAROUND ACTION PLAN

Melbourne IT Audit & Risk Management Committee Charter

NHS CONTINUING HEALTH CARE:

SWL Primary Care Quality, Prevention and Innovation Working Group

LLOYDS BANKING GROUP MATTERS RESERVED TO THE BOARDS (LLOYDS BANKING GROUP PLC, LLOYDS BANK PLC, BANK OF SCOTLAND PLC & HBOS PLC)

Both strategies are available on the CCG s website:

PRIMARY CARE CO-COMMISSIONING

BOARD PAPER - NHS ENGLAND. To provide an update on discussions and actions following the authorisation and assurance committee held in October 2013.

Getting the evidence: Using research in policy making

Policy for CCG Engagement with the Pharmaceutical Industry

[Definitions of terms that are underlined are found at the end of this document.]

Extract of Advance copy of the Report of the International Conference on Chemicals Management on the work of its second session

EMPOWERING THE BOARD TO MEET THE GROUP S STRATEGIC OBJECTIVES

NCRIS Capability 5.7: Population Health and Clinical Data Linkage

NATS Swanwick. Interface Agreement. Owners: General Manager Swanwick. General Manager XXX

University of Northampton. Graduate Leaders in Early Years Programme Audit Monitoring Report by the Quality Assurance Agency for Higher Education

CLINICAL COMMISSIONING GROUP (CCG) ANNUAL GENERAL MEETING

CCG 360 o stakeholder survey 2017/18

CCG Assurance and the Balanced Scorecard Balanced Scorecard An overview of the tool, and its role in CCG assurance. Khadir Meer Richard Wells

COMMUNICATIONS POLICY

Board composition The Board currently comprises seven non-executive directors and one executive director.

GPC update on co-commissioning of primary care: Important Guidance for CCG member practices and LMCs

The risks and opportunities for CCGs when co commissioning primary care: Things to consider when making your decision

This policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.

Report OIE Animal Welfare Global Forum Supporting implementation of OIE Standards Paris, France, March 2018

Patient and Community Engagement Indicator (Compliance with statutory guidance on patient and public participation in commissioning health and care)

NHS Greater Glasgow and Clyde Health Board. Policy on the Management of Intellectual Property

Minutes from the Health and Well-Being Board Financial Planning Group Tuesday 15 December North London Business Park, F13 1pm 3pm

MINISTRY OF HEALTH STAGE PROBITY REPORT. 26 July 2016

The NHS England Assurance Framework: national report for consultation Chief Officer, Barnet Clinical Commissioning Group

Clinical Commissioning Group (CCG) Governing Body. Establishment of the Association of Greater Manchester CCG s Reporting Officer:

1.1.1 Apologies were received from Nick Atkinson, Vaughan C. Matthews, David Foley and Peter Christian.

Doing, supporting and using public health research. The Public Health England strategy for research, development and innovation

MEASURES TO INCREASE THE EFFICIENCY OF CIF COMMITTEES. CTF-SCF/TFC.11/7/Rev.1 January 27, 2014

NHS England CCG Authorisation

Digital Preservation Policy

UK Shared Business Services Ltd

Office for Nuclear Regulation

Museum Collections Manager. Job description

Clinical Commissioning Groups HR Frequently Asked Questions (FAQs)

CCG Organisational Structure

Photography and Videos at School Policy

UKRI FRAMEWORK DOCUMENT

Establishing the Greater Manchester Association of Clinical Commissioning groups. Summary slides

Privacy Policy SOP-031

Contents. International Correspondence Chess Federation. ICCF Outline of Duties. Valid from 01/01/2017

Gender Pay Gap Report - Overview

ANZPAA National Institute of Forensic Science BUSINESS PLAN

CARRA PUBLICATION AND PRESENTATION GUIDELINES Version April 20, 2017

Report on the linkage modalities and the rolling workplan of the Technology Executive Committee for

CONSTITUTION. Version: 5.1 Effective Date: May 2017

Standard of Knowledge, Skill and Competence for Practice as an Architectural Technologist

CCG Assurance Framework. England

JOB PROFILE. Corporate Communications Team Leader (Change Programme) Stratford upon Avon

Pan-Canadian Trust Framework Overview

I hope you will find these comments constructive and helpful.

Initial draft of the technology framework. Contents. Informal document by the Chair

UK Research and Innovation Conflicts of Interest Policy

THE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance

Our Corporate Responsibility pages 2016

ART COLLECTION POLICY

I. Introduction. Cover note. A. Mandate. B. Scope of the note. Technology Executive Committee. Fifteenth meeting. Bonn, Germany, September 2017

ENGINEERING DRAWINGS MANAGEMENT POLICY (IFC/AS BUILTS)

Transcription:

INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK Document History Document Reference: IG33 Document Purpose: The document complements all other Information Governance policies and sets out the management arrangements for information governance for NHS Nottingham North and East CCG, NHS Nottingham West CCG and NHS Rushcliffe CCG (collectively the South Nottinghamshire CCG s). Date Approved: 23 rd September 2016 Approving Committee: Information Governance Management and Technology Committee Version Number: Version 5.2 Status: Final Next Revision Due: September 2017 Developed by: Information Governance, Greater East Midlands Commissioning Support Unit (GEM CSU) Reviewed and refreshed by Head of Information Governance and the Information Governance Officer for NHS Nottingham City CCG on behalf of the South Nottinghamshire CCG s. Policy Sponsor: Director of Outcomes and Information, South Nottinghamshire CCGs Target Audience: All Staff Associated Documents: All Information Governance Policies and the Information Governance Toolkit standards

Revision History Version Revision date Summary of Changes 1.0 July 2012 Approved by the Information Governance and Management Technology Committee 2.0 August 2013 Revised in line with NHS England Policies and updated to reflect version 11 of the Information Governance Toolkit 2.1 July 2014 Review for comment 3.0 September 2014 Approved by Information Governance Management and Technology Committee 4.0 September 2015 Revised Section 8: Training Guidance Inserted an updated version of the IGM&T terms of reference and membership Amended framework to reflect service level agreement with CCG for IG support. 5.2 August 2016 Updates to consent re SIRO and IAO role Policy Dissemination information Reference Number Title Available from Information Governance Management CCG Intranet Framework

Section Page 1 Introduction 4 2 Purpose & Scope 4 3 Policy Statement 4 4 Organisation Roles & Accountabilities 5 5 Key Policies 8 6 Governance Arrangements 9 7 Resources 9 8 Training Guidance 9 9 Incident Management 10 10 Equality & Diversity 10 11 Monitoring & Compliance 10 12 Further Information or Guidance 10 13 References 10 Appendix 1 - Information Governance Operational Structure Appendix 2 - Information Governance Reporting Framework Appendix 3 Information Governance, Management and Technology Committee Terms of Reference 12 13 14

Information Governance Management Framework 1 Introduction This framework applies to the three South Nottinghamshire Clinical Commissioning Groups (CCGs), subsequently referred to in this document as the CCGs. They include: NHS Nottingham North and East CCG NHS Nottingham West CCG NHS Rushcliffe CCG Robust information governance (IG) requires clear and effective management and accountability structures, governance processes, documented policies and procedures, trained staff and adequate resources. Delivery against these requirements will be carried out in line with the standards documented within the Information Governance Toolkit (IGT). The IGT can be accessed via https://nww.igt.hscic.gov.uk using the designated organisational code, user name and password. This framework must be documented, approved at the most appropriate senior management level in the organisation (e.g. a member of the Executive Team) and reviewed annually. This document sets out the CCGs approach to embedding robust information governance throughout each organisation. This framework is a standalone document and provides a summary/overview of how the CCG is addressing the IG agenda and reflects the capacity and capability of the CCGs. 2. Purpose and scope The purpose of this framework is to establish employee responsibility and the rules of conduct for all members of staff regarding the CCG s information governance framework and assurance process. This framework applies to all staff within the CCG whether operating directly or providing services to other organisations under a service level agreement or joint agreement and to non-executive directors, contracted third parties (including agency staff), Governing Body members, locums, students, volunteers, trainees, visiting professionals or researchers, seconded and other staff on temporary placements within the organisation. 3. Policy Statement NHS Digital (formerly the Health and Social Care Information Centre) mandates that the Information Governance Toolkit (IGT) is completed annually by all organisations that commission or provide services within and to the NHS. An Information Governance Management Framework (IGMF) is required to be in place to ensure that the information governance agenda is owned and implemented in a structured manner. Information Governance Management Framework September 2016 Version 5.2 4

4. Organisational Roles & Accountability The CCG will: Appoint a Head of Information Governance, an internal IG Lead, Senior Information Risk Owner (SIRO) and Caldicott Guardian (see Appendix 1). These designated roles will be reported in the CCG IG Toolkit return under Update Information Governance Senior Management Details once appointed. The roles of Caldicott Guardian and Senior Information Risk Owner (SIRO) will be at Executive level. The Accountable Officer has overall accountability and responsibility for information governance and is required to provide assurance through the Annual Governance Statement that all risks to the CCG, including those relating to information, are effectively managed and mitigated. Have in place policies and procedures to ensure compliance with requirements contained in the NHS Digital Information Governance Toolkit. The SIRO will: Lead and foster a culture that values, protects and uses information for the success of the CCG and benefit of its population. Own the CCG s overall information risk policy and risk assessment processes, ensuring they are implemented consistently by Information Asset Owners and agreeing action in respect of any organisational risks. Ensure that Information Asset Owners are identified for each key information asset. Own the CCG s information incident management framework, ensuring that the CCG s approach to information risk management is effective in terms of clear lines of responsibility and accountability, resources, commitment and execution and that this approach is communicated to all staff. Ensure that all staff assigned responsibility for co-ordinating and implementing information risk management are appropriately trained to carry out their role. Ensuring that effective mechanisms are established and publicised for responding to and reporting perceived or actual serious IG incidents. Ensure that Information Asset Owners carry out risk reviews of the assets, for which they are accountable, the frequency of review depending upon the importance of the asset (at least annually) and the nature of the risk environment. Ensure the recording of any high level IG risks on the organisations risk register and/or escalate to the Governing Body. Complete training appropriate to their role in line with the requirements of the IG Toolkit. Information Governance Management Framework September 2016 Version 5.2 5

The Caldicott Guardian will: Be added to the National Register of Caldicott Guardians. Identify the support necessary to ensure work related to confidentiality and data protection is appropriately carried out. Ensure all staff assigned responsibility for co-ordinating and implementing the confidentiality and data protection work programme have been appropriately trained to carry out their role. Advise and support CCG staff on enabling appropriate information sharing in line with the Caldicott2 Review recommendations and the new duty to share information. Complete training appropriate to their role in line with the requirements of the IG Toolkit. The Head of Information Governance will: Provide expert support, advice and guidance to the strategic and technical information governance arrangements within each of the CCG s are met. This will include; Supporting the achievement of satisfactory compliance (level 2 or above) in all Information Governance Toolkit requirements. This will include the provision of specific advice and guidance regarding consent issues, information sharing across partner organisations, and the legal basis for processing information. As part of this, standardised templates will be provided for contracts and agreements in support of information sharing agreements. Produce appropriate information governance training materials and deliver faceto-face training sessions as and when required. Prepare and present quarterly information governance update reports to the CCG s IGM&T committee regarding compliance with IG Toolkit requirements. This will include the provision of updates and briefings on all relevant legislative and national developments/guidance. Work collaboratively with the IG leads to map information governance risks for inclusion on the organisational risk register. To include Chairing the bi monthly Information Governance Operational Leads meeting. The Information Asset Owner will: Identify and document the scope and importance of all Information Assets they own. This will include understanding what information is held, what is added and what is removed, how information is moved, who has access and why. Ensure the information assets they own are documented on a central register. Information Governance Management Framework September 2016 Version 5.2 6

Identify, understand, document and address risk to the information asset. This includes the review and prioritisation of perceived risks and oversight of actions agreed to mitigate those risks. Identify all safeguards and business controls in place to respond to incidents or recover from a disaster affecting the Information Asset. Ensure access to the asset is appropriately controlled in accordance with its classification and the CCGs policies on information security, confidentiality, access and information sharing. Ensure that staff and relevant others are aware of and comply with expected IG working practices for the effective use of owned Information Assets. This includes records of the information disclosed from an asset where this is permitted. Ensure that the asset is managed in accordance with the Data Protection Act 1998, duty of confidentiality, Caldicott principles and the Human Rights Act 1998, if the asset processes personal confidential or personal sensitive data. Ensure there is good understanding of the hardware and software composition of their assigned assets to ensure their continuing operational effectiveness. This includes establishing and maintaining asset records that will help predict when asset configuration changes may be necessary. Provide assurance to the SIRO (at least annually) that information risk is being managed effectively in respect of the information assets that they own. Information assets risk rated as medium or high (amber and/or red) must be highlighted to the SIRO in a timely manner. Complete training appropriate to their role in line with the requirements of the IG Toolkit. The CCG IG Lead Link role will: Develop and maintain comprehensive and appropriate documentation that demonstrates commitment to and ownership of IG responsibilities, e.g. an overarching high level strategy document supported by corporate and/or directorate policies and procedures. Ensure that there is senior management awareness and support for IG resourcing and implementation of improvements. Provide direction in formulating, establishing and promoting IG policies. Establish working groups, if necessary, to co-ordinate the activities of staff given IG responsibilities and progress initiatives. Ensure that assessment and improvement plans are prepared for approval by the senior level of management in a timely manner and in line with national reporting requirements. Information Governance Management Framework September 2016 Version 5.2 7

Ensure that the approach to information handling is communicated to all staff and made available to the public. Ensure that appropriate training is made available to staff and completed as necessary to support their duties and in line with IGT requirements. Liaise with other committees, working groups and programme boards in order to promote and integrate IG standards Monitor information handling activities to ensure compliance with law and guidance. Provide a focal point for the resolution and/or discussion of IG issues escalating issues to the Head of Information Governance where necessary. Work collaboratively with the Head of Information Governance to map information governance risks for inclusion on the organisational risk register. To include attending the bi monthly Information Governance Operational leads meeting. Have oversight of the annual Information Governance Toolkit submission, and the achievement of satisfactory compliance (level 2 or above) in all requirements. The Information Governance, Management and Technology committee will: Ensure that an appropriate comprehensive information governance framework and systems are in place throughout the constituent organisations in line with national standards. The specific responsibilities of this Committee are outlined in its terms of reference and associated appendices (see Appendix 3). 5. Key Policies The CCG will provide the following policies (or equivalent) to set out scope and intent in terms of embedding Information Governance processes throughout the Organisation: A Confidentiality and Data Protection Policy An Information Security Policy Records Management Policies In particular the CCG will implement policies as required to support confidentiality, security and records management processes in addition to this Information Governance Management Framework The CCG has available to all staff a comprehensive policies matrix which provides details of all the other IG policies in place. Information Governance Management Framework September 2016 Version 5.2 8

6. Governance Arrangements The following governance arrangements have been agreed: The CCG Governing Body will receive periodic assurance that management and accountability arrangements are adequate and will be kept informed (in a timely manner) of future changes to the IG agenda through IG updates. The CCG will be represented at the Information Governance Management and Technology Committee, which has delegated authority from each of the CCG Governing Bodies for IG compliance. The shared CCG Information Governance Management and Technology Committee (or equivalent) will have responsibility for the information governance agenda supported by identified senior roles i.e. Caldicott Guardian, SIRO, and IG Lead. Under a service level agreement, the CCG will obtain information governance support from NHS Nottingham City CCG, including, the Head of Information Governance function. Responsibility and accountability for information governance will be cascaded through the organisation via staff contracts, contracts with third parties, Information Asset Owner arrangements and departmental leads. Key information governance messages will be developed by NHS Nottingham City CCG through a Service Level Agreement and made available to the CCGs for onward dissemination. 7. Resources Key staff involved in the information governance agenda, below those at Executive Team level, will be provided internal to the CCG and through a Service Level Agreement between the CCGs and NHS Nottingham City CCG. 8. Training Guidance It is recognised that information governance education, training and awareness are essential for developing and improving staff members Information Governance knowledge and skills. Staff need to understand the value of information and their responsibility for it, including data quality, information security, records management, confidentiality, information law, rights of access and patients rights in terms of a right of privacy and choice. The IG training programme/training needs analysis will be regularly reviewed to ensure it correctly reflects the information governance training requirements of staff at all levels within the organisation. The completion of annual information governance training is mandatory for all staff, whether permanent, temporary or contracted (including third party contractors). All new starters will complete their information governance training via the NHS Digital online information governance training tool, the Electronic Staff Record or accredited paper based training. Information governance training can subsequently be completed via a face-to-face session delivered by the Head of Information Governance or relevant IG Lead Link role. Information Governance Management Framework September 2016 Version 5.2 9

Refresher information governance training can be completed via the NHS Digital information governance training tool, Electronic Staff Record, accredited paper based training or via face-to-face sessions delivered by the appropriate IG Lead. At least 95% of all staff will have completed their annual IG training in the period 1 April to 31 March in line with the requirements of the IG Toolkit. The CCG will advise and support staff to undertake further specialist information governance training as required. 9. Incident Management Clear guidance on reporting of information incidents and their management will be documented and staff will be made aware of their existence, where to find them and how to implement them. 10. Equality & Diversity The CCG aims to design and implement policy documents that meet the diverse needs of the services, population and workforce, ensuring that none are placed at a disadvantage over others. It takes into account current UK legislative requirements, including the Equality Act 2010 and the Human Rights Act 1998, and promotes equal opportunities for all. This document has been designed to ensure that no-one receives less favourable treatment due to their personal circumstances, i.e. the protected characteristics of their age, disability, sex (gender), gender reassignment, sexual orientation, marriage and civil partnership, race, religion or belief, pregnancy and maternity. Appropriate consideration has also been given to gender identity, socio-economic status, immigration status and the principles of the Human Rights Act. 11. Monitoring and Compliance The IGMF will be reviewed at least annually in line with IG Toolkit requirements or amended as required to reflect changes in organisational ownership. The CCGs will monitor staff compliance with the policy internally. 12. Further Information or Guidance Paul Gardner, Head of Information Governance, NHS Nottingham City CCG, paul.gardner@nottinghamcity.nhs.uk. 13. References NHS Code of Confidentiality NHS Digital IG Toolkit NHS Digital IG Training Tool Checklist for Reporting, Managing and Investigating Information Governance Serious Incidents Requiring Investigation Information Governance Management Framework September 2016 Version 5.2 10

The Caldicott Review: Information Governance in the Health and Social Care System Nottinghamshire County Clinical Commissioning Groups (CCGs) Information Asset Register Procedure Service Level Agreement between NHS Nottingham City CCG, NHS Nottingham North and East CCG, NHS Nottingham West CCG and NHS Rushcliffe CCG NHS Nottingham City CCG Information Governance Management Framework Information Governance Management Framework September 2016 Version 5.2 11

Appendix 1- Information Governance Operational Structure Accountable Officer Caldicott Guardian SIRO IG Lead Link role (internal) Information Asset Owner s Information Asset Support Staff Head of IG NHS Nottingham City CCG

Appendix 2 Information Governance Reporting Framework CCG GOVERNING BODY Receives high level assurance Risk and Information Security Advisory Group (RISAG) INFORMATION GOVERNANCE, MANAGEMENT AND TECHNOLOGY COMMITTEE NHIS Group East Midlands Strategic Information Governance Committee- via Chair NHS Nottingham City CCG Head of IG RECORDS AND INFORMATION GROUP (RIG) Local Health Community IG Leads IG OPERATIONAL LEADS MEETING Nottinghamshire CCG IG Leads /Arden and GEM IG Lead/NHS Nottingham City CCG Head of IG SIRO and Caldicott Guardian Advice

Appendix 3- IGMT Terms of Reference Information Governance, Management & Technology Committee Terms of Reference 1. Introduction The Information Governance, Management and Technology (IGM&T) Committee is established on behalf of NHS Rushcliffe (RCCG), NHS Nottingham North and East (NNE), NHS Nottingham West (NW), NHS Mansfield and Ashfield (M&A) and NHS Newark and Sherwood (N&S) CCGs in accordance with the joint arrangements detailed in their respective Constitutions and referred to in these terms of reference as the CCGs. The purpose of the Committee is to support and drive the broader information governance (IG) and information management & technology (IM&T) agendas, including: Ensuring risks relating to information governance and health informatics are identified and managed Leading the development of community-wide IG and IM&T strategies Developing IM&T to improve communication between services for the benefit of patients These terms of reference set out the membership, responsibilities, and reporting arrangements of the Information Governance, Management and Technology Committee and shall have effect as if incorporated into the individual CCG Constitutions. 2. Membership Membership of the Committee will reflect the CCGs acknowledgement of The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

the importance of IG and IM&T, the emphasis it places on its contribution to the commissioning process and the successful implementation of projects of work. Each CCG will be represented on the Committee by their respective leads for IGM&T. Patients will be represented by governing body lay members and lay representatives nominated by the CCGs party to this joint committee. The membership of the Information Governance, Management and Technology Committee is as follows: Director of Outcomes and Information (Chair and Representative for South CCGs) Each CCG s SIRO, Each CCG s Caldicott Guardian, Information Governance Lead at NHS Mansfield and Ashfield CCG and NHS Newark and Sherwood CCG Information Governance Lead at NHS Nottingham City CCG Director of Health Informatics, NHIS GP representative Governing Body Lay Member Current nominated officers at Appendix 1 Members qualification, disqualification, appointment, tenure on the Information Governance, Management and Technology Committee and eligibility for reappointment as per Governing Body members is detailed in Section 2 of Appendix C of each CCG s constitution. If a member of the Information Governance, Management and Technology Committee is not a member of the Governing Body, the above will apply as per the Lay Member for Patient and Public Involvement. Members are expected to attend at a minimum of three meetings a year and are responsible for identifying appropriate deputies to represent their position if unable to attend. The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

3. Voting and Decisions Decisions will normally be reached by consensus, but where this is not possible, then a vote of member CCGs will be required. The process is: One vote per CCG The presiding Chair will have the casting vote Members voting against a decision but in the minority may request the minutes to reflect their dissent 4. Chair and Deputy The Chair will be the Director of Outcomes and Information. The General Practitioner and Senior Information Risk Owner for NHS Nottingham West CCG will be the Deputy Chair of the committee. In the event of the Chair of the Information Governance, Management and Technology Committee being unable to attend all or part of the meeting, the Deputy Chair will deputise for that meeting. 5. Quorum To be deemed quorate, the meeting must include the Chair or Deputy Chair, a representative for each CCG and at least one SIRO and one Caldicott Guardian from across the CCGs. 6. Attendees Other attendees will be invited to attend meetings as appropriate. 7. Frequency and conduct of business Meetings will be held quarterly or more frequently should an identified need arise. The agenda, papers and minutes of the previous meeting will be circulated at least five working days prior to the next meeting. Minutes will be taken at all meetings by Rushcliffe CCG and circulated within 10 days of the meeting, unratified, to members of the Information Governance, Management and Technology Committee for approval at the following meeting. A highlight report will also be produced within 10 days of the meeting for each CCG s Governing Body. All actions from the previous meeting(s) will be reviewed. Members will The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

send a written update if they are not able to attend the next meeting. 8. Authority The Information Governance, Management and Technology Committee is authorised by the CCGs Governing Bodies to investigate any activity within the terms of reference. It is authorised to seek any information it requires from any employee, and all employees are directed to cooperate with any request made by the Information Governance, Management and Technology Committee; and any employee of any provider of health services with whom the CCGs hold contracts. Appendix 2 sets out the governance structure for the Information Governance, Management & Technology Committee, it s sub committees, regional networks and the CCGs Governing Bodies. 9. Responsibilities The Information Governance, Management & Technology Committee will provide assurance to the five Clinical Commissioning Groups (CCGs) that the national and local IG and IM&T strategies are appropriate, supporting the delivery of associated improvements in health whilst facilitating the realisation of clinical and non-clinical benefits. Information Governance 1) Ensure that an appropriate comprehensive information governance framework and systems are in place throughout the constituent organisations in line with national standards. 2) Receive regular action plans with regard to the organisations progress on the annual Information Governance Toolkit submission. 3) Ensure that information is effectively managed, and that appropriate policies, procedures and management accountability are provided and approved in relation to confidentiality, security and records management. The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

4) Ensure that information risks are identified, assessed and managed in line with the Information Governance Assurance Framework and recommend actions to the Senior Information Risk Owner (SIRO) to ensure risks are mitigated. 5) Ensure that information risks for commissioned services, including GP practices are identified and managed in line with National Serious Incident Framework, NHS England, March 2015. This will include incidents that result in a serious breach in confidentiality or data loss. 6) Assure the CCGs Governing Bodies that all person identifiable information is processed in accordance with the Data Protection Act and that all staff are aware and comply with the NHS Code of Confidentiality and other professional codes of conduct. 7) Ensure that new or proposed changes to organisational processes or information assets are identified and risk assessed, considering any impact on information quality and identifying any new security measures that may be required. 8) Provide oversight and monitoring of provider IG Toolkit compliance on behalf of the CCGs, advising the relevant Quality Scrutiny Panels regarding any areas of concern. 9) Ensure that all locally-developed clinical information systems are accredited and signed off by the IM&T Clinical Safety Officer as laid out by statute and the relevant Information Standard Notices. 10) Receive regular compliance reports on the processing of Freedom of Information requests; determining exemptions as appropriate. 11) Develop an information governance training programme and monitor the progress of the staff training and awareness in line with the National Department of Health requirements. 12) Support the Caldicott function, working with the Caldicott Guardian to ensure work related to confidentiality and data protection is The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

appropriately carried out and any risks reported appropriately. 13) Work with independent contractors and commissioned services to ensure their compliance with the Information Governance Toolkit. Information Management and Technology 1) Promote new technologies across the CCGs to ensure quality of patient services. 2) Develop and approve the CCG s IM&T Strategy ensuring it is congruent with both national and local strategy, and complements the business plans of individual Clinical Commissioning Groups; providing Governing Body assurance on the plan. 3) Ensure that the individual CCGs components of the programme are delivered in accordance with the timescales and milestones laid out in a project plan. 4) Act as the Project Assurance mechanism for any significant IM&T investment within the CCGs ensuring that the appropriate rigour has been applied to the case for change, specification, procurement, implementation and mobilisation of such investment plans. 5) Ensure that the CCGs have mechanisms and plans in place to raise the basic competencies and skills of the commissioning organisation in order to base decisions on knowledge and information. 6) Agree the relative priority of IM&T investment projects where flexibility exists outside of any national programmes. 7) Provide assurance to the Governing Bodies that sufficient attention is being placed on data quality of both mandated and local datasets generated by the CCGs and their providers. The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

8) Ensure the CCGs are able to maximise all clinical and non-clinical benefits from planned and existing information systems and IT infrastructure. 9) Facilitate development and local implementation of health informatics policies ensuring they are consistent with national and local strategy. 10) Receive reports relating to the Nottinghamshire Health Informatics Service (NHIS), its services, the performance of the SLA between the NHIS and CCGs and progress against specific projects. 11) Monitor and review data and hardware security arrangements. 12) Ensure appropriate business continuity arrangements are in place relating to information technology. 10. Reporting The IGMT Committee will report to each CCG s Governing Body via a highlight report that will be available no later than 10 working days after each meeting and via minutes for each meeting that will be available after approval at the following Committee meeting. The Chair of the Information Governance, Management and Technology Committee will draw to the attention of the Governing Bodies any issues that require disclosure to the Governing Body, or require action. Specific issues of concern, or matters requiring escalation to the Governing Bodies will be the subject of reports by the Committee Chair to each Governing Body. The Director of Outcomes and Information will produce an Information Governance, Management and Technology Committee Annual Report for approval by the Committee. The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

11. Declaration of Interests All members of the Information Governance, Management and Technology Committee will be required to complete a declaration of interest form in accordance with the CCG s Conflict of Interest Policy. At the beginning of each meeting members will be required to declare a personal interest if it relates to a particular issue under consideration. Any such declaration will be formally recorded in the minutes of the meeting. The Chair will then make a decision about the member s participation in the discussion in accordance with the CCGs Conflict of Interest Policies. 12. Conduct The Information Governance, Management and Technology Committee will conduct its business in accordance with the codes of conduct set out for all Governing Body members and good governance practice as laid out in the CCGs Constitutions. The members and attendees will act in accordance with any applicable laws and guidance. Members are expected to attend at least 75% of meetings held. Where a member is unable to attend, every effort should be made to ensure they were represented by an appropriate and suitably briefed deputy previously identified at the Committee. 13. Review of the Terms of Reference The Information Governance, Management and Technology Committee Terms of Reference will be reviewed on an annual basis from the date that they were approved by the CCGs, unless it is deemed necessary for them to be reviewed earlier. Any resulting changes to these terms of reference or membership of the Information Governance, Management and Technology Committee must be approved by the CCGs before they shall be deemed to take effect. 14. Secretary Secretarial support is provided by Rushcliffe CCG who will be responsible for: The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

Providing support to the Chair Agreeing the agenda with the Chair Collating and circulating all necessary papers for the Committee Ensuring that all reports to CCG Governing Bodies are provided in line with the CCGs paper format and deadlines Version: 13 Approved by: IGM&T Review Date: May 2017 Date Approved: May 2016 The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

Appendix 1 (of IGMT Terms of Reference) Membership list as of May 2016 Role Name Permanent Membership (Chair) Director of Outcomes and Information and Senior Information Risk Owner (SIRO) Rushcliffe CCG Andy Hall Head of Information Governance, Mansfield and Ashfield CCG and Newark and Sherwood CCG Alexis Farrow Head of Information Governance, Nottingham City CCG Paul Gardner Caldicott Guardian South CCGs Nichola Bramhall General Practitioner Mid Nottinghamshire CCGs Vacant (Deputy Chair) General Practitioner Nottingham West CCG and Senior Information Risk Owner (SIRO) Nottingham West Mike O Neil Senior Information Risk Owner (SIRO) Nottingham North and East Hazel Buchanan Caldicott Guardian Mansfield and Ashfield CCG and Newark and Sherwood CCG Elaine Moss Senior Information Risk Owner (SIRO) for Mansfield and Ashfield CCG and Newark and Sherwood CCG Sarah Bray Governing Body Lay Members of Newark & Sherwood CCG Paul Morris General Practitioner Rushcliffe CCG Dr Sean Ottey The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

Role Name Director of Health Informatics at NHIS Eddie Olla Nominated deputies Head of Transformation, NHIS Jaki Taylor Representative Mansfield and Ashfield CCG and Newark and Sherwood CCG Di Butcher Representative Mansfield and Ashfield CCG and Newark and Sherwood CCG Marcus Pratt Representative Mansfield and Ashfield CCG and Newark and Sherwood CCG Gina Holmes Representative Rushcliffe CCG Caroline Stevens Representative Nottingham West CCG Craig Sharples Representative Nottingham North and East CCG Sergio Pappalettera The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

Appendix 2 (of IGMT Terms of Reference) The Information Governance, Management & Technology Committee is managed by Rushcliffe Clinical Commissioning Group on behalf of Nottingham West CCG, Nottingham North and East CCG, Mansfield and Ashfield CCG and Newark and Sherwood CCG

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback