Information Governance

Homepage » About us » Key Policies & Documents » Information Governance

How does NHS North Cumbria Clinical Commissioning Group (CCG) look after the information that you give us?

Our information governance is provided by Cumbria Partnership Foundation Trust (CPFT). More information about CPFT can be found by visitng the following website: https://www.cumbriapartnership.nhs.uk/|

More information for staff and patients about the way in which your data is processed and stored can be found here:

Counter Fraud, Bribery and Corruption Policy (Approved Sept 2019)|

Information Governance Code of Conduct|

Business Code of Conduct Policy (Approved Sept 2019)|

View Information Sharing Agreement|

This sharing agreement has been created between organisations providing:

- Health
- Social Care
- Education
- Offender information (Prison)
- Support and Intervention for Youth Offenders
- Home Fire Assessments across Cumbria


View information on 'Fraud in the NHS'|




 
Caldicott Guardian


A Caldicott Guardian is a senior person responsible for protecting the confidentiality of patient and service-user information and enabling appropriate information sharing.

The Caldicott Guardian for NHS Cumbria Clinical Commissioning Group is Medical Director Dr. David Rogers.

Dr-David-Rogers

Acting as the 'conscience' of an organisation, the Guardian actively supports work to enable information sharing where it is appropriate to share, and advises on options for lawful and ethical processing of information.

The Caldicott Guardian has a strategic role, which involves representing and championing issues related to information sharing at Board or management team level.

Organisations that access patient records are required to have a Caldicott Guardian; this was mandated for the NHS by the Health Service Circular: HSC 1999/012. The mandate includes acute trusts, ambulance trusts, mental health trusts, Clinical Commissioning Groups (CCGs), special health authorities, commissioning support units and area teams. Caldicott Guardians were subsequently introduced into social care in 2002, mandated by Local Authority Circular: LAC 2002/2.

Senior Information Risk Owner (SIRO)


The Senior Information Risk Owner (SIRO) owns the CCG’s overall information risk policy and risk assessment process ensuring the CCG has a robust incident reporting process for information risks. The SIRO reports to the Governing Body and provides written advice to the Accounting Officer on the content of the Statement of Internal Control in regard to information risk.

The SIRO for NHS North Cumbria Clinical Commissioning Group is Chief Finance Officer Charles Welbourn.

Charles-Welbourn

 


 

Data Protection

NHS North Cumbria CCG is a ‘Data Controller’ under the Data Protection Act 1998. This means we are legally responsible for ensuring that all personal data that we hold and use is done so in a way that meets the data protection principles. We must also tell the Information Commissioner about all of our data processing activity. Our registration number is Z3582415 and our registered entry can be found on the Information Commissioner’s website.

All of our staff receive training to ensure they remain aware of their responsibilities. They are obliged in their employment contracts to uphold confidentiality, and may face disciplinary procedures if they do not do so. A limited number of authorised staff have access to personal data where it is appropriate to their role.

Our Information Governance and Data Protection Service is provided by Cumbria Partnership NHS Foundation Trust|.

 
Bookmark and Share

© Copyright NHS Cumbria CCG 2019. All rights reserved.