Power Point Presentation
Download
Report
Transcript Power Point Presentation
Raising the Bar on
Information Governance
in Primary Care
Dr Lorna Ramsay
Clinical Lead
NHS Scotland IG Programme, ISD
Information Governance
“Information governance aims to support the
provision of high quality care by promoting the
effective and appropriate use of information.”
•
•
•
•
•
•
Confidentiality
Data Protection
Information Security
Records Management
Freedom of Information
Data Quality Assurance
Primary Care IG Baseline
Benchmarking Information Governance and Data
Quality Standards, Directed Enhanced Service,
circular PCA(M)(2007)11
All practices should:
– be compliant with a basic list of standards for information
governance
– have completed and implemented an action plan (agreed with
the host NHS Board) on how they will improve data quality
and information governance
Session overview
What’s been going on?
– high profile data disclosures
– growing expectations of the general public
– continued eHealth progress
• What’s changed in IG?
– updated guidance from professional bodies
– evolving requirements from regulators
• How can NHSS ‘raise the bar’?
– new guidance
– ongoing activities
– training and awareness
GMC Confidentiality Guidance
Principles
“Confidentiality is central to trust between doctors and
patients. Without assurances about confidentiality,
patients may be reluctant to seek medical attention or
to give doctors the information they need in order to
provide good care.
But appropriate information sharing is
essential to the efficient provision of safe,
effective care, both for the individual patient
and for the wider community of patients.”
Regulator changes: Data Protection
• Privacy Impact Assessment (PIA)
• DP registration changes
• Extended Powers & Penalties
– Fines - monetary penalties for reckless breaches
– Enhanced powers of inspection
– Prosecution - prison sentences for s55 offences
• New offence:
– Wilful or reckless breach of the DP Principles leading
to damage or distress
http://www.ico.gov.uk
Regulator changes: Freedom of
Information
• Sets out types of information routinely made
available by a public authority.
• Should specify classes of information, how
available, and if charge.
• Current NHS schemes expire on 31 May 2010
• 5 updated NHS model schemes proposed,
including one specifically for General
Practices – developed by SGPC of the BMA
• Consultation: Nov to mid Dec
• Revised submissions by 28 Feb 2010
http://www.itspublicknowledge
Patients Bill of Rights
• Consultation Sept 08 -Jan 09
• Patients' Rights Bill and
introduction of legislation in 2010
• Includes patient rights to privacy
and confidentiality
Scottish Government Draft Identity
Management and Privacy Principles
• Developed by expert group for Scottish Ministers
– Help public service organisations comply with
data protection and human rights legislation
– Enable public organisations to build on these
requirements and to achieve good practice
• Aimed at both policy makers and practitioners in
public service organisations
• 5 sections:
– Proving Identity and Entitlement
– Governance and Accountability
– Risk Management
– Data and Data Sharing
– Education and Engagement
• Closes 23/11/2009
NHS Scotland IG programme
Developing &
Implementing
Changes
Implemented
Continuous
Improvemen
t Cycle
Evaluation &
Monitoring
• Standards & Toolkit
• Communications &
Networks
• Education & Training
• Knowledge Base
• National IG Framework of
Policies & Guidelines
Fully
Implemented
National IG Guidance 1
• NHS Scotland Code of Protecting Patient
Confidentiality (review)
• NHS Scotland Information Security standards and
guidance (review)
– Mobile data protection standard (encryption)
• Caldicott Guardians Manual, July 2008 (review/
replacement)
National IG Guidance 2
• Refreshed NHS Scotland Code of Practice in
Records Management
– Health and administrative records into single document
– Improved guidance re disposal of records, esp. in site
decommissioning - Strathmartine review recommendations
• Develop dataset for compiling records inventory
(Nov 2009)
• Develop guidance on operational physical security
and transportation of manual records (Dec 2009)
Ongoing national IG activities
• IG Access Framework for national systems
• Role Based Access Control model for clinical
portal
• Information Classification Scheme
• Incident Reporting guidance
• Guidance for patients seeking opt out from
electronic records
• Training requirements and awareness raising
tools for NHSS staff
Training in place/ in development
• IG Educational Competency Framework, NES
• Advanced practitioners:
– Postgraduate educational programmes for IG Practitioners
– Initial and ongoing training for Caldicott Guardians
• Intermediate 2:
– DOTS – IG module for junior doctors
– Flying Start – IG module for newly qualified nurses,
midwives and AHPs
• Various materials:
– Brief Guide to IG
– Information Security Good Practice Guide
Proposed Training Model
Advanced
Role
(RBAC Model)
Foundation
Healthcare
Administrators
Intermediate 1
System administrators
Clinical Administrators
Intermediate 2
Clinical/
professional
IG competency
Levels (NES)
IG Leads
IG Practitioners
Supervisory roles
Middle managers
Health Professionals
Administrators
Medical Records
Clinical Coding
Healthcare
Assistants
All NHS
employees/
contractors
Indicative staff
groups (NES)
Training Plans/ Proposals
Proposals for comprehensive programme of IG
awareness raising, training packages and workbased assessment :
• Intermediate 2:
– Senior medical, nursing, midwifery and AHP staff
– Other healthcare professionals
• Intermediate 1:
– Administrative and clerical staff
– Health Records staff, etc
• Foundation:
– All NHS employees and contracted staff
Future activity
• NHSS IG standards for Primary Care
• Self assessment using electronic IG toolkit
Key Contacts/ Sources of Advice
Internal:
Line Manager
Practice Manager
GP Lead
External:
Topic Area
Data Protection/
Confidentiality
Information Security
Records
Management (Pts &
Corporate)
Freedom of
Information
Caldicott
Policy & Strategy:
development &
advice (SG)
Kim Kingan
IG Lead
David Armstrong
Security Lead
(Implementation of
policy)
NHSS IG Team
IG Co-ordinator –
post vacant
Colin Howarth
NHSS IS Consultant
Robert Bryden
Records Management
Lead
-
IG Co-ordinator –
post vacant
-
IG Co-ordinator –
post vacant
N/A
Advice on &
interpretation
of law
Day to day
Operational &
Management
Informal
Advice
Central Legal
Office
ICO
SICO
NHS Board
subject topic
experts &
Caldicott
Guardians
IG e-Library
Shared Space
Peer Forums
Future: new
Caldicott
Guardian
Manual
Further Information
Specialist e-Library/ IG Portal
http://www.elib.scot.nhs.uk/IG
IG Bulletin
http://www.elib.scot.nhs.uk/portal/ig/pages/index.aspx
eHealth Website
http://www.ehealth.scot.nhs.uk/
Contacts
NHSS IG Team: [email protected]
Lorna Ramsay, Clinical Lead, IG team, ISD
[email protected]
Kim Kingan, Information Governance Lead, SGHD
[email protected]
David Armstrong, Enterprise Architect-Security, SGHD
[email protected]
Robert Bryden, Records Management Lead, SGHD
[email protected]
Discussion points
• How might primary care respond to ‘raising the
bar’ around IG?
– Participation in developments
– Implementation of new guidance
– Compliance with evolving requirements
• What barriers and enablers might there be?
Questions?
Better information.….better decisions…..better health.