This topic covers Information Governance practice and how organisations manage it, particularly within the NHS and health sector settings.
Information Governance or 'IG' can be defined as the set of multi-disciplinary structures, policies, procedures, processes and controls required to manage information in support of an organisation's regulatory, legal, risk, environmental and operational requirements. It allows organisations and individuals to ensure information is processed legally, securely, efficiently and effectively.
The DS&P Toolkit is an online NHS self-assessment assurance tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards. All organisations with access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.
Outside the NHS itself, registered organisation include general, dental and optometric practices, pharmacies and many other organisations that provide services to the NHS or work with it. These organisations may be sharting patient data with the NHS, processing it for them, or both. In total, over 27,500 organisations are registered to complete the DS&P Toolkit.
Organisations must submit at least one annual update showing that they remain compliant.