Health Information Governance

What is Health Information Governance?

Information governance provides a means of bringing together all the relevant legislation, guidance and evidence-based practice that applies to the handling of information. It offers a consistent way for people working in health and social care to deal with the many different legal provisions, guidance and professional codes of conduct that apply to handling personal health information. It is about setting a high standard for the handling of personal health information and giving services the tools they need to achieve that standard.

Why is it important?

Good information governance allows organisations and individuals to make sure that personal information such as that contained in a healthcare record is handled legally, securely, efficiently and effectively in order to deliver the best possible care to people who use health and social care services. It enables organisations to ensure that information is used ethically. This means showing, at all times, the proper respect for the person to whom the information relates.

What work is being done by HIQA?

Guidance has been developed on information governance for health and social care services in Ireland. This aims to support managers, regardless of the service, setting or location, to collect, analyse, use and share high quality personal health information legally, securely, effectively and efficiently. The guidance will be a useful resource for all staff but it will be aimed specifically at management level as a resource to implement structures to support good information governance practices in their organisations and support providers in becoming compliant. The guidance also provides detailed direction on how good information governance will support health and social care providers become compliant with the new requirements under the National Standards for Safer Better Healthcare.

We have also produced a practical information guide entitled What you should know about Information Governance: a Guide for health and social care staff and a self-assessment tool. The guide details:

• Requirements
• What you should know
• Benefits
• Making information governance a success.

The interactive self-assessment tool, aimed at management of organisations, asks a list of questions with a yes or no answer. It was designed to highlight areas where urgent action is required and where improvements can be made.

Information Governance Resources for health and social care

The Authority has already published a number of documents that are useful resources for health and social care professional and providers, and interested members of the public including:

• Guidance on Information Governance for health and social care services in Ireland and Presentation
• What you should know about Information Governance – A Guide for health and social care staff
• Information Governance Self-Assessment Tool
• Guidance on Privacy Impact Assessments in Health and Social Care
• Privacy Impact Assessment Threshold Assessment Form
• Sample Privacy Impact Assessment Report

External Resources

The following is a list of useful resources to help service providers in developing information governance policies, procedures and practices.

Irish College of General Practitioners and General Practice IT Group, www.icgp.ie

• A Guide to Data Protection Legislation for Irish General Practice, 2011
• No Data, No Business: Information Communications Technology (ICT) Security Guidelines, 2008

Health Service Executive (HSE) www.hse.ie

• Code of Practice for Healthcare Records Management, 2007

Data Protection Commissioner, www.dataprotection.ie

• Data Protection Guidelines on Research in the Health Sector, 2007
• Data Security Guidance, 2010
• Protecting the Confidentiality of Personal Information, 2008, Department of Finance

Medical Protection Society, www.medicalprotection.org

• The Medical Protection Society’s Guide to Medical Records in Ireland, 2010