Information governance guidance

Information Governance Framework: Shared Care Records

The Information Governance Framework for Integrated Health and Care: Part 1 - Shared Care Records has been developed to provide a structured approach to ensure Shared Care Records meet their legal obligations.

Using cyber technology: top tips for pharmacy teams

This factsheet provides pharmacy teams with top tips on the communication tools to use to support the care of patients and service users, particularly during the pandemic.

Use and share information with confidence

This guidance will support you to use and share information with confidence when caring for patients and service users.

Using video conferencing and consultation tools

This guidance sets out how video conferencing and consultation tools can be used safely and securely.

Information sharing in Multidisciplinary Teams (MDTs)

A MDT is a group of health and care staff from different organisations and professions that together make decisions regarding the treatment of individual patients and service users. There are some IG considerations when working as part of an MDT.

Sharing information with the voluntary sector

This guidance provides information to health and care organisations on how information about patients and service users can be shared safely with the voluntary sector

Use of mobile devices by patients in hospitals

This guidance provides advice for patients using mobile devices such as phones, tablets and cameras in acute hospitals.

Video conferencing with colleagues

This advice sets out the IG considerations when staff are using video conferencing tools to communicate with other members of staff during the COVID-19 pandemic.

COVID-19 information for volunteers

This guidance provides information governance (IG) advice to support organisations who are working with volunteers during the COVID-19 period. It also provides some advice which can be provided to the volunteers.

COVID-19 IG advice

This guidance provides advice on working in different ways during the COVID-19 outbreak.

COVID-19 privacy notice

An example supplementary privacy notice which can be used by organisations to inform patients and service users about the ways information is being used as a result of COVID-19

COVID-19 IG advice for social care

This guidance provides advice for the social care sector on working in different ways during the COVID-19 outbreak.

Personal data breaches

This guidance will help health and care organisations deal with personal data breaches, for example, losing personal information. It provides advice on what a personal data breach is and the steps that need to be taken if a breach occurs.

Records Management Code of Practice

The Records Management Code of Practice 2021 sets out how records relating to health and care should be managed.

Sharing information with the police

This guidance is about disclosure of information by health and care organisations to the police.

What is and isn’t direct marketing?

The ICO has produced wider guidance on direct marketing for the public sector. This guidance, produced by the panel, specifically considers the rules on direct marketing in the context of health and care communications.

Understanding Health Data Access (UHDA)

A suite of short films and resources explaining the rules that govern how health and social care data is shared beyond the treatment of individuals.

Flu vaccines and the COVID-19 response

This guidance describes how data is being used to help ensure that those who are entitled to a flu vaccine receive one. This is very important during the pandemic. This guidance covers data relating to both health and care staff and patients.

Digital staff passport

A summary of the information governance steps which need to be taken to set up Digital Staff Passports

Data sharing agreement template

A data sharing agreement template and accompanying guide which can be used by local organisations.

Bring your own device (BYOD) guidance

BYOD is a service offered by organisations to their employees to enable them to use their own devices for work, such as mobile phones, laptops and tablets. This guidance focuses on the IG considerations.

Using mobile messaging

This guidance will support the safe and secure use of mobile messaging software in health and care settings.

Subject Access Requests

This guidance will help you understand what a Subject Access Request is and how they are responded to.

Consent and confidential patient information

This guidance is about consent and what it means when sharing Confidential Patient Information.

Email and text message communications

This guidance is about how you can safely use email and text messages to communicate with patients and service users.

Template for email and text message communications

This is a template policy which can be adapted for when using text and emails to communicate with patients/service users.

Access to NHS Staff COVID-19 Test Results

This guidance provides advice on employers accessing the COVID-19 test results of NHS staff.

Access to care home staff COVID-19 test results

This guidance is to assist care home managers when dealing with information relating to staff testing for COVID-19.

Caldicott principles

Eight principles to ensure people's information is kept confidential and used appropriately.

GDPR guidance for researchers and study coordinators

This operational guidance has been produced by the Health Research Authority for researchers and study coordinators on the implications of the GDPR for the delivery of research in the UK.

Guidance for CAG Applicants

Detailed guidance from the Health Research Authority on submitting an application to Confidentiality Advisory Group (CAG) for both research and non-research purposes.