Information Governance is the set of standards we must follow in handling personal healthcare records. Good information governance means that all personal health information is handled legally, securely, efficiently and effectively in order to deliver the best possible care to people who use our services. It also includes sharing of relevant personal health information with our healthcare providers, where appropriate.
We must manage our records effectively. This means that information should be accurate, up to date and accessible when needed.
We must ensure that information is kept securely and is accessed only by those who should be accessing it.
We must protect the confidentiality of the information - information provided in confidence is not to be used or disclosed in a way that might identify an individual, without a legal basis for processing.
Patients have a right to access health information about themselves.
Good information governance practice will help the hospital to ensure that, among other things:
Appropriate management and workforce structures are in place to oversee information governance arrangements
Information is used ethically in a manner that protects the rights and best interests of patients and service users
Information within computerised and paper-based systems is held securely and is accurate and available, when and where it is needed. For example, in the event of an unplanned attendance/ admission
Processes and procedures for information and records management are efficient and effective
The workforce is provided with guidance and appropriate, effective training
Information is shared appropriately to facilitate the safe transfer and sharing of care.
There is an Information Governance Group in the hospital, established to drive and oversee the development, implementation and continuous improvement in the structures and processes required to ensure that:
Information obtained by the hospital is appropriate, accurate, complete, safe and secure, and is destroyed when not required
The development, implementation and continuous improvement of the structures and processes required to ensure that each patient who attends St James’s Hospital has a unique and secure healthcare record. Such a record would provide a comprehensive, current, accurate and clear account of all aspects of a patient’s condition, care and treatment, which is accessible to all authorised staff at the point of care delivery
Applicable legislation and guidance is implemented and followed
Staff are made aware of their responsibility in the capture, use and maintenance of sensitive personal data
Appropriate training and awareness campaigns are identified for staff in the area of information governance.
Yes. The EU General Data Protection Regulation (GDPR) requires that data controllers provide certain information to people whose information (personal data) they hold and use. A privacy policy is one way of providing this information.
The purpose of our privacy policy is to clearly communicate to you how the hospital handles your personal information. It will give you a better and more complete understanding of the type of personal information that the hospital holds about you and the way the hospital handles the information.