Information governance
Information Governance (IG) touches all areas of the NHS, this section of the website provides an overview of:
- Summary Care Record (SCR) and Information Governance
- IG guidance for Privacy Officers and Caldicott Guardians
- Further information on IG
What is Information Governance?
Information Governance refers to the policies and practices that together ensure the security and confidentiality of information throughout the NHS. It ensures that personal information is:
- Accurate and fit for purpose
- Held and used lawfully
- Maintained securely
- Used effectively in order to deliver the best possible care to patients
Please read the leaflet What you should know about Information Governance 2010 (PDF, 509Kb)
Summary Care Records (SCR) and Information Governance
SCR has been designed to ensure that IG safeguards are in place to enable staff to access summary information about a patient when it is relevant to their job and appropriate to do so. SCR uses the following IG controls to ensure that the Care Record Guarantee rules are adhered to:
- Authentication and Role Based Access Control (RBAC)
- Legitimate Relationships (LR)
- Permission to View
- Other Controls
Incorporating Summary Care Record (SCR) Information into the Local Detailed Care Record
Information from various sources (such as a GP letter, a handover form or the content of the SCR) may be used to inform clinical decisions in a variety of care settings and, in line with NHS record keeping policy, may need to be added to the local detailed care record to document what information was used in the treatment of patients and when. Incorporation of information in the local detailed care record applies whether the information is electronic or paper based and, as per current IG controls, should only be looked at by authorised users.
For more information and frequently asked questions on incorporating SCR information into local records, read the Incorporating Summary Care Record (SCR) Information into the Local Detailed Care Record page.
IG Guidance for Privacy Officers and Caldicott Guardians
This section provides specific guidance for Privacy Officers and Caldicott Guardians on the following:
- Audits and Alerts
- Subject Access Reports
- Data Protection Act
IG Guidance for Registration Authorities
- Setting up – software downloads and technical support (An N3 Connection is needed to view this link)
- RBAC Required for GP Summaries (PDF 232, Kb)
- Overview of Summary Care Record Application RBAC Activities (PDF 159 Kb)
Further Information on IG
- The Care Record Guarantee
- Guidance on Accessing SCR in GP Practices for Patients Not Fully Registered
For further information on Caldicott Guardians, IGSoC (Information Governance Statement of Compliance), IG Toolkit and any other general queries visit the Information Governance pages of the NHS CFH website. IGSoC and the IG Toolkit are NHS processes and tools that ensure that NHS organisations are protecting their information. By following these processes, an NHS care setting will be able to set up an N3 connection to connect to the Spine and view Summary Care Records.
IG Contacts
For general queries or to submit feedback on SCR IG information, e-mail: scrig@nhs.net
For support on the IG Toolkit, e-mail: exeter.helpdesk@nhs.net
For general queries on IG requirements and regulations within CFH, e-mail: igteam@nhs.net