It pays to be N3/IG Toolkit compliant. Let’s Talk about it.

call 0845 070 1750

Email
servicecentre@itgovernance.co.uk

"Just a quick email to thank you for all your recent help with QES’s N3 application. Today we had our approval notification and can proceed with our business plans with NHS authorities; it’s fair to say we couldn’t have achieved it so quickly on our own!" Jayne Watkins, Quality Education Solutions

NHS N3/IG Toolkit Connecting for Health Consultancy

IT Governance has a decade of experience helping clients to comply with the vast array of legal requirements and government guidance that applies to all organisations involved in the NHS; including:

NHS providers
Commercial third parties
NHS partners

Supplying/Planning to supply the NHS? Did you Know?

The NHS IG Toolkit 9 (ITGv9) has up to 45 requirements classified under 6 initiative areas: therefore, achieving compliance can be time-consuming and demanding.

Where there is non-compliance, organisations need to take appropriate measures, (e.g. assign responsibility, put in place policies, procedures, processes and guidance for staff), to raise governance standards through year on year improvements. IT Governance consultants work with your IT team to ensure that you achieve full compliance on time, within budget.

Call IT Governance now on 0845 070 1750 to discuss how we can assist you.

IG Toolkit v9: The security compliance bar has been raised – are you ready?

IGT - version 9 is considered to be more detailed and prescriptive than previous versions, breaking each requirement down into detailed criteria.

Our ISO 27001 Consultancy service speeds up the process of satisfying IGT requirements, helping you to answer the questions and gather the evidence to demonstrate compliance.

Read an IT Governance White Paper that shows how we help you to take appropriate measures to raise information governance standards. Simply add your details below and we'll email it across straight away:

Why is it important to improve your IT security in line with the IG Toolkit?

Connecting for Health has the power to suspend an organisation’s N3 connection and the Information Commissioners Office (ICO) can issue fines of up to £500,000 for data security breaches. NHS Trusts need to complete IGT submissions and demonstrate appropriate levels of information security.

Possible consequences of non-compliance include:

Withdrawal of Care Records Service (N3, Choose & Book, ESR)
Information Commissioner is more likely to take enforcement action if there is a breach
Care Quality Commission (CQC) registration could be affected
An impromptu inspection by the Care Quality Commission
Your organisation is subject to an information security audit

Important changes from IGT v8 to IGT v9

New organisation types can now complete the Information Governance Toolkit (IGT). These new groups include;
1. the voluntary sector. Charity organisation that is involved in healthcare or that works with NHS providers to manage and process patient-level data can now complete the IGT on a self-assessment basis.
2. Organisations that process patient-level information or data for reasons other than directly informing patient care. This could be organisations that use NHS data to support research work for example.
3. Providers of prescribed appliances. These organisations differ from pharmacists (who already have the ability to complete the IGT, as they provide supportive appliances to patients and healthcare organisations as opposed to drugs.
There are new deadlines for the completion of the Toolkit. NHS organisations must meet internal submission deadlines, where provisional information and scores are provided in-year, prior to the final submission of the IGT being made in March 2012.
All healthcare organisations, and those that process data on behalf of healthcare organisations, should ensure that their Information Governance Toolkit is completed annually, at the same time each year. This means that if an IGT submission was made against Version 8 of the Toolkit in August 2010, then an IGT submission against Version 9 should have been made in August 2011 (Are you up to date in respect of this requirement?).
The scores made and the evidential documentation that was provided to support each score against Version 8 of the IGT will be rolled over into Version 9 of the toolkit. This means that each organisation doesn't need to re-upload documentation from one year to the next. Instead they need to reassess the scores that were made against the last version, check that these scores still stand, and then re-review submitted evidence and amend, delete or add to as required.

Do you understand what is meant by ‘IGT’?

The IGT is an online system which allows NHS organisations and partners to assess themselves against Department of Health (DoH) Information Governance policies and standards. It also allows members of the public to view participating organisations' IGT assessments.

IT Governance has assisted private companies and NHS Business Partners (BPs) to achieve a connection to the N3 network in compliance with the IG Toolkit standard. All organisations that wish to use NHS Connecting for Health digital services, including the N3 network, must complete the IG Statement of Compliance process. They must carry out an annual assessment and show evidence their compliance with the toolkit IG assurance standards.

Commercial Third Parties (CTPs): Why Choose IT Governance Consultants?

We offer various levels of consultancy support IT Governance to our clients from an IGT/N3 gap analysis, to assistance with key milestones such as IGT training and auditing, through to full application and IG Toolkit submission on behalf of the client. Our rates are among the most competitive in this field.

The IT Governance NHS N3/IG Toolkit Connecting for Health ('CfH') Consultancy Service is specifically designed to assist Commercial Third Parties ('CTP') seeking to comply with the 17 requirements of the NHS IG Toolkit v9.

Our aim is to guide you through the CTP requirements and achieve IG Toolkit Compliance in the shortest possible time. We can usually do this in a matter of a few working days – in less time and for a minimal cost that is more than justified in terms of building your existing or new supply chain relationship with NHS local health trusts and other NHS organisations.

NHS Business Partners (BPs): Why Choose IT Governance Consultants?

IT Governance provides consultancy to organisations that, whilst remaining independent, work closely with NHS organisations and share common goals for providing high standards of healthcare directly to patients. The category includes DH Arms-Length Bodies (DH ALBs) and Independent Treatment Centres. The term Independent Treatment Centre encompasses Independent Sector Treatment Centres (ISTCs), private hospitals, hospices, and charitable foundations.

NHS Business Partners are distinct (in IG terms) from Commercial Third Parties (CTPs), as the nature of their service(s) suggest that they are more likely to have a need to actively process patient or personal data on a regular basis. Business Partners must therefore meet 29 requirements set out in the IG Toolkit compared to the 17 requirements that apply to CTPs.

Note: Commercial Third Parties should not under normal circumstances have such a requirement, although in exceptional cases (e.g. incident investigations) this may be required. IT Governance consultants will advise you on which requirements are applicable.

Contact our Consultancy team on 0845 070 1750 to discuss your IGT project

Email servicecentre@itgovernance.co.uk

Consultancy services from IT Governance:

Mentor and Coach
In-House
LiveOnline
FastTrack
Training

IT Governance can help you to implement projects involving: