Health informatics governance Flashcards Preview

Year 3: Health informatics and change management > Health informatics governance > Flashcards

Flashcards in Health informatics governance Deck (11):

What is required to ensure confidentiality and data protection?

Adequate training in data protection
Compliance with data protection act 1998
Organisational policies and procedures
Audit process and evidence of compliance


What are the requirements of the data protection act 1998?

Data should be:
Fairly and lawfully processed
Processed for limited purposes
Sufficient and relevant
Not stored for longer than necessary
Processed in line with data subject's rights
Transferred only to countries with adequate security


What are the caldicott principles related to?

Use and transfer of patient identifiable data other than for direct care, medical research, or statutory requirement


What are the duties of a Caldicott Guardian?

Strategy and governance
Confidentiality and data protection expertise
Internal information processing
Information sharing


What are required for information security assurance?

Adequate skills
Established business processes
Choice of IT systems supports security requirements
Business continuity plans
Identifiable information assets
Network access security


What are required for clinical information assurance?

Adequate skills and knowledge
Correct use of NHS number
Procedures for accuracy of clinical information


What are required for secondary uses assurance?

National data definition standards
Maintain external data quality standards
Audit clinical coding accuracy
Validation processes for clinically coded data


Who is the competent authority in the UK to implement the MDD



Who are the notified body?

Company accredited to assess device against CE mark


What are the practical considerations for software with a CE mark?

Development must follow a recognised software lifecycle
Risk analysis
Scrutiny of process as well as product


Why is it important that systems are managed appropriately?

Could affect diagnosis or treatment
Patient pathway can involve several medical devices
System admin and interoperability may affect outcomes
Should be managed as part of a process