Information governance—a view from the NHS
Introduction
The governance requirements for information processing by NHS organisations are complex and these extend to everything that is done with, or to, NHS information. There is therefore a need to provide a broad based and standards driven approach to information governance and the objectives for NHS organisations that is both comprehensive and will provide the necessary consistencies for overall NHS compliance.
Traditionally, governance initiatives have focused on discrete portions of this complex field and have neglected the whole. This has resulted in a degree of shortfall, confusion and duplication, and no real understanding of the bigger picture.
The NHS is now to adopt a new approach to the governance of its information resources. This approach includes aspects of:
Holding information securely and confidentially;
Obtaining information fairly and efficiently;
Recording information accurately and reliably;
Using information effectively and ethically; and
Sharing information lawfully and appropriately.
This approach is also known as the ‘HORUS’ model.
In determining the detail of this model, it is recognised that patients will have a legitimate expectation that information collected and processed about them will be held securely and confidentially, be accurate and complete and be readily accessible to those involved in their care. At the same time, patient-centred services require that patients be informed about and consent to the services they receive.
With these points in mind, the NHS is now developing and refining national standards relating to:
- •
The provision of information to patients;
- •
Patient consent;
- •
Information security and confidentiality;
- •
Information quality; and
- •
Records management
These are to be the core strands addressed within the new NHS HORUS delivery model.
Section snippets
Setting the policy
In determining NHS information governance policy lines, it has been necessary to consider the values to clinical care through good quality records, reliable information and improved standards generally. These processes of clinical care are entirely dependent upon the product of credible information. Without this, healthcare effectiveness reviews and audit techniques are ineffective. Similarly, public health, epidemiology, statistics, management analysis and research are all undermined when the
The whole system perspective and national IG framework
Information governance for the NHS represents more than just a simple drawing together of familiar ideas and initiatives, such as those of confidentiality and security. It represents a new and comprehensive approach to the processing of NHS information and begins to recognise and develop the interdependencies between the relevant strands of corporate and clinical governance.
As already outlined, information processing has five broad aspects that have been combined within the information
Information governance within NHS organisations
Considerable responsibility for the delivery of information governance rests with NHS organisations, and particularly with their governing Boards. It is therefore expected that all NHS organisations will formally establish and manage information governance programmes that are appropriate to their local needs and that sit alongside their other NHS reporting requirements, including those for Controls Assurance.
All NHS organisations are also expected to develop and maintain corporate policies,
Supporting arrangements
To further assist NHS organisations with their consideration, implementation and management of information governance needs, a new NHS toolkit product is currently being developed and will be provided to all relevant organisations free of charge. This new toolkit product will bring together all NHS information governance requirements, key standards, target attainment levels, reusable templates and other illustrative materials in ways that are user-friendly, up to date and easily accessible. In
Conclusions
The NHS information governance initiative is both necessary and ambitious. It’s primary purpose is to manage appropriately and improve where possible the standards that apply to the processing of NHS information. The initiative will draw together several strands of NHS governance in a new way that is sensible and coherent and will allow NHS organisations to maximise the resources that are available to them.
This paper illustrates the approach that the NHS is developing to address its
References (1)
- BS7799, A code of practice for information security management, British Standards Institute,...
Cited by (36)
Data Matters: A Strategic Action Framework for Data Governance
2022, Information and ManagementCitation Excerpt :The mechanisms involved in data governance indicate that this is a collective action involving many participants. Companies need to consider the data lifecycle as they move forward with various governance initiatives [28, 89]. Strategic actions—concrete actions that form data collaboration across departments and organizations in the common pursuit of data governance efficiency [96]—can illustrate the viability of data and its potential for future growth and application.
Data governance: A conceptual framework, structured review, and research agenda
2019, International Journal of Information ManagementCitation Excerpt :Organizations use data policies to communicate key objectives, data accountabilities, roles, responsibilities, and data retention periods (e.g., DAMA International, 2009, pp. 47; Donaldson & Walker, 2004, p. 283; Morabito, 2015, p. 89). Enterprises enforce, monitor, evaluate, and revise data policies (e.g., Brous, Janssen et al., 2016, p. 10; Cheong & Chang, 2007, p. 1002; Donaldson & Walker, 2004, p. 283). Data standards ensure that the data representation and the execution of data-related activities are consistent and normalized throughout the organization (e.g., DAMA International, 2009, pp. 48; Kim & Cho, 2017, p. 387; Palczewska et al., 2013, p. 576).
Preliminary Research to Propose a Master Data Management Framework Aimed at Triggering Data Governance Maturity
2024, Lecture Notes in Networks and SystemsA taxonomy of data governance decision domains in data marketplaces
2023, Electronic MarketsEvaluating and Ranking SCPMS Enablers Using ISM and SWARA
2023, Applied Sciences (Switzerland)Development of governance for an integrated public data (GIPD) framework: illustrative use of GIPD in South Korea
2023, Aslib Journal of Information Management
- 1
NHS: National Health Service; in this paper the NHS in UK is meant.