information governance and offences Flashcards
(21 cards)
what is information governance
the way in which the NHS handles all of its information, in particular the personal and sensitive information relating to patients and employees.
what does IG provide a framework to ensure
Provides a framework to ensure that personal information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible care.
why is it good that it offers nhs employees a clear structure
to deal consistently with the many different rules about how information is handled
The legal framework governing the use of personal confidential data in
health care is complex. It includes:
- what 4 acts
–NHS Act 2006
–Health and Social Care Act 2012
–Data Protection Act
–Human Rights Act
The law allows personal data to be shared between those offering care directly to patients but it protects what
patients’ confidentiality when data about them are used for other purposes
what do the secondary uses of patient data include
- –Researching what treatments work best
- –Reviewing and improving the quality of care provided
- –Commissioning clinical services
- –Planning public health services
When was the Data Protection Act first introduced
DPA first introduced in 1984
Data Protection Act
In 1998 was updated to the current DPA- data held in ANY FORMAT!
personal info is defined as
“any info that can be used to identify a living individual such as name, address, DOB, there is no lower age limit so long as the child understands their rights, their consent must be sought.
personal info contains both facts and opinions about the individual - true or false
true
patient rights under the act
https://www.notion.so/dispensing-and-prescriptions-1dd00bb3982d806aa330f48dd45bc7bc?pvs=4#1de00bb3982d80789876f35a9f2be8f7
Patient Confidentiality
- also covered by what organisations
- Also covered by NHS & RPS code of practice
patient confidentiality must be protected against what and therefore disposed and stored how
- Must be protected against improper disclosure during storage, removal, receipt or transfer.
- Data encryption - access control.
- Must be disposed in such away that it is irretrievable.
patient confidentiality applies to which employees
all, in fact
- Confidentiality also applies to other NHS employees such as doctor’s prescribing habits
types of criminal offences
notification
procuring + selling
what are Notification Offences
this is where processing is being undertaken by a data controller who has not notified the Commissioner. (GPhC is registered with ICO)
what are Procuring and selling offences
exception where obtaining or disclosing is necessary for crime
prevention/detection. If a person has obtained personal info illegally ie without consent its an offence to sell personal information.
what are Electronic Communications
unsolicited marketing communications.
The Role of the Information Commissioner’s Office.
The ICO has specific responsibilities for the promotion and enforcement of the DPA.
Under the DPA the ICO may serve what notices
- Serve info notices requiring data controllers to supply info needed to assess compliance.
- Where there has been a breach, serve an enforcement notice.
