Records and Information Governance
Information and Records Management in the Department of Health and Social Care are split between two main teams; the Information Governance Team and the Records Team. They are looked after by the Head of Information and Records Management. They work for both the Department of Health and Social Care and Digital Transofrmation and also oversee the Business Intelligence Team and the Clinical Coding Team.
Standards and Legal Rules
There are many different standards and legal rules that apply to Information and Records Management, including:
- Data Protection Act 2002
- Freedom of Information Act 2015
- Access to Health Records and Reports Act 1993
- National Health and Care Service Act 2016
- Children and Young Persons Act 2001
- Regulation of Care Act 2013
- Adoption Act 1984
- The common law duty of confidence
- The international information security standard: ISO/IEC 27002: 2005.
- The Report on the review of patient-identifiable information 1997 ('The Caldicott Report').
- The Information: To Share Or Not To Share? The Information Governance Review 2013 (also known as Caldicott 2 Report).
- The Government response to the Caldicott2 Report 2013.
- General Data Protection Regulation (GDPR) 2016
- Public Health Act 1990
- Human Rights Act 2001
- Public Records Act 1999
Because these standards and rules are so varied and complex, the Information and Records Management Team split up their work. The Information Governance Team focus on data protection and confidentiality, information security, information quality, and corporate information; the Records Management Team focus on the management of all the patient and service user records for the entire DHSC. The work between each team overlaps and they often work together to provide advice and practical support to our colleagues in and out of the Department, as well as fulfilling our responsibilities to Tynwald, Cabinet Office and the Information Commissioner as well as providing the public with advice and access to records and information.
The Information Governance Team
Information Governance provides a framework that brings together all the legal rules, guidance and best practice that apply to the handling of information. At its heart, the Information Governance Team is about setting a high standard for the handling of information and giving the DHSC service areas the tools to achieve that standard. The ultimate aim is to demonstrate that the DHSC can be trusted to maintain the confidentiality and security of personal information by helping our staff practice good information governance and to be consistent in the way they handle personal and corporate information.
The Records Management Team
Records management provides a focus for records of all types in all formats, including electronic records, throughout the records life. The Records Management Team are responsible for each records life cycle, from planning and creation through to ultimate disposal in the entire Department. This includes looking after all records, of all types for Health, Community Health, Occupational and Public Health, Mental Health, Adult Social Care, Children and Families Social Care, and Corporate Services.
Access to Records and Information
Both teams might get involved with providing access to information or records:
- If a member of the public requests personal data/information about themselves (or in some cases another person), they can make a Subject Access Requests or an Access to Health Records and Reports request. For more information please see: How do I access my records?
- If a member of the public, or a company or charity would like to request non-personal data/information they may do so by making a Code of Access or Freedom of Information Request. For more information please see: How to make a Freedom of Information Request. A list of those requests already made and responded to can be at Freedom of Information Responses.