Information Governance is an umbrella term relating to the processes and systems used by organisations to manage the information they hold. In the context of the NHS, it specifically refers to the processes and procedures used to ensure that:
- confidentiality is respected;
- records are held in secure conditions;
- information is recorded clearly and accurately, so that it can be easily read and relied upon by others providing care.
NHS Code of Practice
The 'Information Security Management: NHS Code of Practice' is a guide to the methods and required standards of practice in the management of information security for those who work in, under contract to, or in partnership with NHS organisations in England.
It is based on current legal requirements, relevant standards and professional best practice.
The Information Governance Toolkit
The Information Governance Toolkit provides primary healthcare teams and NHS professionals with the information to assist in dealing with the legal, ethical and social issues of information governance in relation to the access of patient data.
It covers the problems that can arise from the computerisation of patient records and guides practitioners through tackling real difficulties that can arise when trying to implement the current legislation rules and policies.
The toolkit can be purchased through our online shop.
Protecting the NHS Infrastructure
In order to connect with N3, organisations must ensure their information security management system (ISMS) complies with NHS security policies, which take controls from the ISO/IEC 27001 information security management standard.
IT Governance Ltd has extensive experience of ISO27001 (dating back to the world's first ever certification to BS7799, the precursor of ISO/IEC 27001) and also has practical experience with N3 connections and requirements.
For more information, visit our Codes of Connection page or contact us by using the methods below.