The role of Information Governance in delivering social care services
Due to the nature of our work, we hold sensitive information about everyone who uses our services. We have legal responsibilities when we use this information and we have a duty to treat this information confidentially and manage it well as part of our service to our service users and the public.
We use the term Information Governance (IG) to describe the process of obtaining, recording, storing, organising, adapting, using, sharing, providing access to and destroying information appropriately.
Information Governance draws all our information handling requirements into a single framework. This leaflet will help you to understand:
how Information Governance can help us improve service user care that IG is everyone’s responsibility how IG applies to your role the importance of keeping service users fully informed where you can go to get further guidance and help through training and development opportunities
Understanding all the above will help us as individuals to meet our responsibilities in full by adopting best practice in information management and as an organisation to comply with the law.
Meeting the requirements of Information Governance
Information Governance helps us to ensure that we all follow best practice in information handling and, in so doing, meet our legal requirements. Legislation and guidance is available to help us act appropriately every time we process service users’ personal details. These include:
Data Protection Act Freedom of Information Act a variety of data sharing protocols in RCT Wales Accord on the Sharing of Personal Information*
* the Wales Accord has established a framework to enable organisations providing services and others directly concerned with the wellbeing of an individual to share information between themselves in a lawful and properly considered way. Consent
We should always explain to service users why we need the information we seek from them and how we intend to use it. We should always obtain consent before we share personal information with partner organisations involved in the care of the individual. In a few cases this may not be essential if we are protecting the service user’s vital interests or complying with a legal duty. Don’t be persuaded to break a confidence. We should ensure that service users understand exactly what they have given their consent to.
If you think there is a legitimate need to share information about a service user without consent, always check before doing so and record who you have shared information with and why you have made this decision.
Standards of information handling
There are standards identified in data protection legislation to ensure that information is:
obtained fairly and lawfully used only for the purpose for which it was collected adequate, relevant for the purpose and not excessive recorded accurately and kept up to date reliably held securely and confidentially only shared appropriately and lawfully processed legally and within the rights of the service user (or data subject) destroyed safely when no longer required – usually after 7 years following our last contact with a service user, except in child care cases when records may need to be stored for that person’s lifetime. Guidance is available about this.
Applying Information Governance well will inform our service users that:
their records will not be disclosed inappropriately they can trust our social care working practices the confidence they have to be more open to sharing important personal information with us is well founded they will receive good quality care as a consequence
Giving clear guidance to service users, families and carers
Local guidance is available to explain how we handle service users’ personal information in accordance with the law and how concerns they may have can be expressed and complaints made. We must respect their rights and entitlements and they should be assured that their information is handled appropriately. Good Information Governance will improve records management
Documents that guide our practice are available on Social Care Online (see Useful sources of information) and include our:
case recording policies for adult and children’s services client access to files policy information sharing protocols Information Security Policy Data Protection Policy Guidelines on the retention of data
Please find time to read these documents.
Your role in ensuring Information Governance is done well
Here are some actions that you can take to assist us to make Information Governance a success:
1. Participate in education and training opportunities - take up any education and training offered to develop your awareness of the legal and organisational requirements when handling information. With relevant training and evaluation, we can ensure that we are aware of how we should: respect service users’ rights use personal information appropriately create, file and store records in line with best practice seek assistance from appropriate sources
2. Participate in the audits of Information Governance that we will be undertaking to check our compliance with WASPI - this will enable you to develop and strengthen your understanding of Information Governance and help you to improve the way in which you and your team process data.
3. Help your team achieve best practice - familiarise yourself with the documents outlining the guidance and procedures in information handling and make sure you follow the relevant procedures or processes. Failure to do so could impact on your whole team and potentially the whole service.
Don’t be afraid to speak up about shortcomings; you should feel comfortable to discuss with other members of your team your concerns about meeting standards or following best practice. You may identify issues that may otherwise not be addressed. (Alternatively, you can speak to our Information Systems and Governance Manager) 4. Ensure that errors give rise to learning - a culture of blame is not conducive to making improvements. Lessons can usually be learned from things that go wrong and may be used to improve future practice.
5. Share your good practice - if you identify ways in which information handling can be improved in your work area, share your ideas with your colleagues and encourage others to share their good practice too. By doing so, they will feel more valued and respected if they know that their ideas are listened to and, where appropriate, action taken to implement them.
6. Keep Personal Information Secure – make sure confidential information is not unlawfully or inappropriately accessed by following these suggestions:
comply with our computer safety procedures do not share your access passwords with others ensure you log out once you have finished using a computer do not leave paper records unattended where possible, lock rooms and cupboards where personal information is stored having access to information doesn’t mean that you should, unless you have an appropriate reason to do so
7. Make sure that records and documents you create are appropriately accessible - remember, information governance helps ensure all personal information is handled in compliance with law and guidance. Where appropriate, you should ask the service user to confirm that they understand this and to sign a consent form. Signing a consent form does not mean that their consent is for ever; the service user can withdraw their consent at any time.
8. Encourage service users to be actively involved in decisions about their care - including the use of their personal information. Under the Data Protection Act 1998, individuals have the right to know what information we hold about them, to see their records and to request that inaccuracies in them are corrected. Our leaflet entitled ‘Can I see my file?’ explains their right of subject access and how to go about viewing the records we hold on them.
9. Communicate clearly - we have a responsibility to provide clear guidance to service users, their carers and families about their rights and our duties under the legislation on data protection. ensure that advice you give about Information Governance to service users is clear and concise and encourage service users to make informed decisions about how we process their personal information.
The Information Governance Group (IGG) The IGG is working to review the Information Governance process across social care services, including monitoring existing policies and procedures in use. Information Governance helps us to work appropriately with partners or in multi-disciplinary teams to deliver services through the Unified Assessment, Person Centred Planning or Integrated Children’s Scheme processes. It depends on teamwork and good communication among staff from all agencies to encourage:
sharing good practice ideas across departments and organisations developing joint initiatives between ourselves and other statutory, voluntary and private sector organisations avoiding duplication through shared efforts
Sources of useful information
There’s lots of information in our Information Governance webpage in Social Care Online. Go to ‘sitemap’ http://rct-intranet/communitycare/sitemap.htm and click on Information Governance
Other information is available from:
Information Commissioner’s Office www.ico.gov.uk
Records Management Society www.rms-gb.org.uk
WASPI’s website www.wales.nhs.uk/sites3/home.cfm?orgid=702
Public Concern at Work www.pcaw.co.uk is an independent body providing free legal advice to individuals concerned with wrongdoing in the workplace
Local Government Data Handling Guidelines highlight the best examples of secure data handling, provide local authorities with an essential checklist of actions and set the standard for local government into the future http://www.idea.gov.uk/idk/aio/9048091
Our Information and Systems Governance Manager is based at Ty Elai, Dinas Isaf East, Williamstown. Telephone 01443 444593
Our Corporate Information Management Officer is based at The Pavilions, Clydach Vale, Tonypandy. Telephone 01443 424189