What is Information Governance?
Information Governance (IG) is the framework for handling information in a secure and confidential manner that allows organisations and individuals to manage patient, personal and sensitive information legally, securely, efficiently, and effectively in order to deliver the best possible healthcare and services.
IG applies to, and impacts on, everyone working for, or on behalf of the Care Group. Additionally, everyone working in the Care Group has a legal duty to keep information about others secure and confidential.
IG is concerned with the standards that should apply when information is processed. Information processing has five broad aspects that encompass how information is obtained, recorded, held, used and shared. Therefore, it is of paramount importance that the Care Group ensures that all information is:
- Held safely and confidentially
- Obtained fairly and effectively
- Recorded accurately and reliably
- Used effectively and ethically
- Shared appropriately and lawfully
It brings together all of the legal requirements, standards and best practices (including policies and procedures, management and reporting arrangements, processes and controls, and training) that apply to the handling of patient, personal and sensitive information, including but not limited to:
- Access to Health Records Act
- Caldicott Principles
- Code of Practice on confidential information
- Common Law Duty of Confidentiality
- Computer Misuse Act
- Confidentiality: NHS Code of Practice
- Data Protection legislation - UK Data Protection Act 2018 and the UK General Data Protection Regulation 2016 (GDPR)
- Data Security and Protection Toolkit (DSPT)
- Freedom of Information Act
- Information Security Management: NHS Code of Practice
- Network and Information Systems (NIS) Regulations 2018
- Records Management Code of Practice 2021.
The Care Group collects, stores and uses large amounts of personal confidential data every day, such as care records, personnel records and computerised information. This data is used by many people in the course of their work. IG allows the Care Group to demonstrate to the public that it takes its responsibilities to safeguard information seriously. It also aims to protect patient information and confidentiality and to protect the Care Group and its staff.
You can review our policies below on how we achieve this in Tower Hamlets GP Care Group.
Meet our team
Sana Sabat
Information Governance Officer (IGO)
Christoper Norton
Governance Manager, Senior Information Risk Owner (SIRO)
Toby Longwill
Medical Director, Caldicott Guardian (CG)
Umar Sabat
Data Protection Officer
All Information Governance queries can be directed to the Information Governance inbox at: thgpcg.informationgovernance@nhs.net
For Subject Access Requests and Freedom of Information Requests please visit our online portal.
Please note that we do not accept subject access requests via email. All requests must be made via the online portal.
Further information about Subject Access Requests can be found here.
Staff Policies and Privacy Notices
Information and Governance Policy
Data and Protection Confidentiality Policy
All Employees Privacy Notice
GDPR and Fair Processing
Privacy Notice for children and young people
Children Privacy Notice
Videos and recordings
Recording phone calls Privacy Notice
Video Consultations Privacy Notice
Video Recordings Privacy Notice
Subject Access Request
Requests to see records and other related information about yourself are known as 'Subject Access Requests'. You have a right to get a copy of the information that is held about you.