Minutes Thursday 10 October 2019

10am to midday

Skipton House, London 232D, and Quarry House, Leeds 4W25.

Attendees

Name	Representing	Role
Dawn Monaghan, Chair (DM)	NHSX	Head of IG Policy
Dame Fiona Caldicott (DFC)	National Data Guardian	National Data Guardian for Health and Social Care
Matthew Gould (MG)	NHSX	CEO NHSX
Lorraine Jackson (LJ)	NHSX	Deputy Director, Data Policy
Kathy Hall (KH)	NHSX	Director of Technology and Data Strategy
David Evans (DE)	NHSX	IG Policy Projects Lead
Jackie Gray (JG)	NHS Digital	Executive Director of IG
Juliet Tizzard (JT)	Health Research Authority	Director of Policy
Dr Robert Kyffin (RK)	Public Health England	Data & Information Policy and Partnerships Lead
Simon Richardson (SR)	Care Quality Commission	Information Rights Manager
Dr Tony Calland (TC)	Confidentiality Advisory Group	Chair of Confidentiality Advisory Group
Jonathan Bamford (JB)	Information Commissioner’s Office	Director of Strategic Policy, (Domestic)
Rachel Merrett (RM)	NHSX	Head of Stakeholder Engagement.
Jenny Firth (JF)	NHSX	Head of Information and Transparency
Sally Chapman (SC)	NHSX	Project Manager Data Sharing & Privacy Unit

Apologies

Name	Representing	Role
N/A	-	-

Items

	Item
1	Welcome and Introductions DM welcomed members to this the first National Information Governance Board. MG also welcomed the Board and outlined the need for simplified information governance so that any unnecessary barriers are removed and information can be shared to benefit patients. MG opened up the discussion with points raised of the need to educate GPs on data sharing; the need for guidance to be supported by standards; the need to focus on patient benefits and involve patients; and the need to consider and help address IG challenges in social care. JG acknowledged the need to increase standards of how the Board will work with guidance, giving consideration to the challenges within areas of law, that are not understood. DFC agreed that the agenda of patient safety is an ideal time to embed this. All agreed that assurance for patients/service users is key with a need to consider how to collaborate with patients/service users including in social care. DM advised the Board that this group would need to have a risk register going forward and we should consider what those risks may be and discuss at the next board. Collective guidance The Board agreed that a definitive list of guidance is to be curated, noting this is a substantial, but urgent task, as many different organisations are producing guidance on issues relating to IG. Action DM - IG policy team in NHSx to produce a curated list of guidance and update on progress at the next meeting.
2	Review of TOR/ Name of group/ Membership Membership Discussion held regarding who else should be invited to join the Board. All agreed that clinicians would input through the sub groups. SR noted that the Board is missing a representative from social care. DFC supported the identification of a representative. DM queried who in adult social care would usually sign off guidance. SR advised that not aware that anyone has statutory sign off. DE agreed to approach the appropriate person from the LGA with the correct level of responsibility. DFC recommended that patients needed to be involved whilst recognising it can be tricky to identify those who can bring a broad range of opinion. RK suggested the same was true for social care. Scope DFC asked if the Board has the responsibility to advise MG and higher? DM confirmed this Board reports up to MG with recommendations. NHSx has overall responsibility for publication but sign off would be done collectively through the Board. RK advised that the vision for the immediate future is not the same as the long term vision. The Board agreed that was the case. RK stated a preference to have a tighter group in the first instance to get key messages out and reiterated the need to be clear on what is the scope? RM advised an operational process may help and would enable the Board to engage different stakeholders and groups for recommendation to be reported back to the Board. JG reminded the Board to be aware that the different organisations have their own statutory function. DM agreed, that whilst organisations may author guidance they have a statutory duty to provide, it would also need the sign off from the Board. JG noted that there is a difference between providing guidance and being responsible for the content. DFC advised the NDG and the ICO are currently working on a joint statement regarding GDPR and Caldicott principles. All agreed that it is to be a one stop shop for guidance and that the focus of the group needs to be clearer. Actions ALL - Review ToR, sending specific edits to SC. SC/DM - Revise and incorporate changes to TOR and circulate prior to next meeting. DM - Approach ADASS to join the Board. DE - Approach LGA to join the Board. DM - Draft key points of discussion on the scope of the Board and circulate. ALL - Consider and send suggestions for the name of Board to SC.
3	Operational Processes - paper presented by RM RM provided a verbal update on a proposed operational approach to ensure that stakeholders were engaged and actions were taken forward between meetings. The approach was broadly supported by members. RM agreed to set this out in a paper, including a stakeholder list, for the next meeting. Actions RM - Provide a paper on the proposed operational approach to the next meeting RM - Provide full findings of the questionnaire at the next meeting.
4	Work in Progress - Updates from Members of work already underway JG gave an update on the work NHSD were undertaking on looking at the role that Article 40 could play in relation to health and guidance. A template was in development which picks up all the technical requirements on what a code is and how to target codes, initially using the toolkit as a form of monitoring. JG proposed that a group is set up to assess the value of codes and to bring recommendations to the Board. Proposal agreed by the Board. JT advised that guidance is in development with the NDG, to provide clarity of how to inform the NHS on how to lawfully use patient data for the development of medical software, including common law and what kinds of approval are required when developing this technology. DFC updated the Board that following becoming statutory they have consulted on what the priorities should be. The priorities had been published on the NDG website. An action plan was in progress and DFC explained that it would be useful to hear if their priorities overlapped with others. TC advised the Board that CAG were looking at AI and machine learning,namely the issue of the amount of data that is going to be required and balancing the concerns of Public interest and ethics. JB explained a lot of the ICO work had been covered by the other members but concluded that they had increased focus on health and care data. They were looking at codes; regulatory tools around accountability to support compliance and have opened a regulatory sandbox in relation to healthcare. SR advised that the CQC were in the process of developing a consistent manner to identifying and responding to innovation along with updating guidance on CCTV. Actions DFC - NDG office to distil priorities into a paper to be circulated to members. JG/DM - Meeting to discuss how to take the code forward and to establish working. DFC/JB - Share the NDG and ICO statement regarding work between the GDPR and the Duty of Common Law with the Board and advise their responsibility. ALL - Members to list their top three pieces of guidance that they are working on to DM.
5	Risk Register – Suggested items Action All - Board to consider any risks they may want to add to the register for the next meeting.
6	Any other business Date of next meeting would be November with subsequent meetings bi-monthly from January 2020. Action SC - Circulate date of next meeting for November and plan dates for year ahead