Information Governance Manager

at  The Royal Orthopaedic Hospital NHS Foundation Trust

Information Governance To lead and co-ordinate Information Governance continuous improvement work programmes within the Trust relating to the following areas: - o Code of Confidentiality (Caldicott, Data Protection, Access to Health Records) o Clinical Information Assurance o Records Management o Information Security Assurance (BS7799 / ISO17799) o Freedom of Information o Communications & Training and Awareness To develop, review and implement all policies and procedures relating to Information Governance. To ensure that the requirements of DSPT are integrated into the core business functions and plans for the Trust To prepare and seek approval by the Executive Management Team for the annual plans to achieve the DSPT. To ensure that the Trust has a managed and coordinated approach to the implementation of the DSPT and interpretation within the organisation. Lead the development and implementation of policies and procedures to support the delivery of Information Governance.
To ensure that Freedom of Information training and awareness is included in the Information Governance training programme Monitor the Trusts position against the Information Governance toolkit against the annual work plan for Information Governance. Report to the Trust Management Executive on a regular basis, providing feedback on progress. To organise and service the Information Governance Group. To attend local, regional and national Information Governance related meetings on behalf of the Trust and feedback to the EMT, SIRO and other group eg.
Information Governance Group/Data Quality Group as appropriate. Information Security and Confidentiality To advise the Trusts management team with the implementation of policies and procedures to ensure that the organisation progresses towards compliance with the Caldicott requirements and the Confidentiality Code of Practice. Promoting the safe use of patient information and the production of returns as necessary. To advise the Head of IT, Information Manager and Director of Operations in order to ensure that information and records management strategies and polices are in line with current guidance and legislation.
To provide expert advice on the legality and ethics of information related decisions in relation to confidentiality Data Protection Act To act as Data Controller for the Trust and ensure the Trusts data protection registration is completed and maintained. To interpret the Data Protection Act in relation to the use of confidential information, providing expert advice and opinion on all Data Protection issues To provide advice and guidance on the Data Protection issues for all new projects that deal with the use of confidential information To manage the receipt, processing and review of DPIAs for new or changing systems To provide advice and guidance to the Trust on any new developments and legislative changes in relation to Data Protection. To keep up to date with new developments within the Law of Confidentiality Records Management To provide guidance and advice on health records management issues to all Trust staff To audit corporate records and to ensure they are managed according to the records management code of practice and internal good practice guidelines particularly with regard to retention and disposal. To ensure that all new developments (with particular relevance to Connecting for Health) meet all Information, Records and Data Management arrangements.
Information Sharing To be the lead for developing and implementing information sharing arrangements and protocols with partner organisations To be the lead on documenting and risk assessing data flows in and out of the Trust Information Quality Review the programme of activities aimed at improving the quality of service and patient related data held in electronic and manual systems which accurately reflects the Trusts service delivery and patient care Work with the Trust information management team and other IT & Records staff to provide and receive feedback which enable the proactive identification of local issues and areas of risk that impact on data quality and confidentiality, using judgement to implement preventive measures and taking remedial action as necessary. Risk Management Maintain an Information Asset Register and establish information asset owners (IAO) and administrators (IAS) for each one Support data owners in their monitoring and control of person identifiable information by providing training, advice and guidance Maintain a record of Trust data flows, and assess and implement risk mitigation controls of transmission methods. Review risks and controls on a periodic basis. Establish and monitor the security levels of information systems in partnership with IT technical staff, undertaking periodic organisational Information risk assessments, ensuring these are linked to the IM&T risk register (and where appropriate to the corporate risk register) Investigate suspected and actual information security and confidentiality incidents, in particular Serious Untoward Incidents, using and updating the Trusts Incident Management system working with other risk management staff as appropriate.
Carry out remedial action as required. Change Management Lead on the development of training and awareness documentation to promote Information Governance throughout the organisation (e.g. via posters, flyers, presentations etc.). To advise and support Directors, Senior Managers, Heads of Department, Service Managers and clinicians in their understanding of Information Governance and how it applies to their role in the organisation.
Ensure latest guidance on the Information Governance programme is available to staff and patients via the Trusts intranet, internet and other available communication resources. To provide expert advice on Information Governance (legal and ethical issues) in relation to any new developments within the Trust. Audit Develop, implement and monitor, audit programmes for Information Security Confidentiality Records (health and corporate) Information Quality And other Information Governance Related issues To be the trusts Information Governance audit lead in relation to new developments in the electronic patient record Agree audit plans in relation to Information Governance Group Ensure audit recommendations are implemented as appropriate. Provide the Information Governance related evidence for internal and external audits and for Care Quality Commission Outcome 21.
People Management To develop partnership working with a range of internal and external colleagues in relation to IG Compliance To co-ordinate, plan, direct and motivate the organisation on matters around IG and its overall importance. Investigate and lead on data breach investigations, discussing and providing training to individuals and suggesting adaptions to team leaders, services and working practices to prevent future breaches. To improve staff IG awareness through annual training, both in maintaining course material and the organisational levels of complianc

Please refer the Job description for details