Information Governance Requirements for General Practice
The Data Security & Protection Toolkit has replaced the IG toolkit. Information can be found here:
There is a version for General Practice. The new toolkit is linked to the ten data security standards, published by the National Data Guardian and CQC and link to the requirements of the GDPR.
The levels of compliance in the IG toolkit have been removed and organisations are now required to comply with the assertions that relate to their organisational type and where evidence is required it is mandatory to provide it. Evidence is only asked for where it adds value. To pass the assessment an organisation must complete all of the 52 mandatory items.
Guidance for Practices:
Wessex LMCs in conjunction with Jason McLean (Shanklin Medical Centre) & Caroline Sims (South Central & West CSU) have produced guidance to help practices complete the new IG Toolkit.
These can be accessed by selecting the appropriate link below for your area:
- Data Protection & Security Guidance - BaNES, Swindon & Wiltshire
- Data Protection & Security Guidance - Dorset
- Data Protection & Security Guidance - Hampshire & IOW
When providing evidence you do not have to insert the documents within the toolkit, however we would suggest you store these in one place which is easily accessible should they be required.
Click here to access information & resources on the new IG toolkit which is available on the NHS Digital website.
The deadline for completion is on the 31st March 2019.
Acknowledgements: Thank you to Chris Gwyther (Testvale Surgery), Sue Crowley (The Centre Practice) & Caroline Sims for agreeing to share their policies as suggested evidence within this document
Data Security & Protection Hot Tips Webinar
We recently hosted a webinar which takes practices through the completion of the Data Security & Protection Toolkit.
Click here to access the presentation slides.
Data Security awareness training
This has replaced the IG training tool. It is available via e-learning for health: https://www.e-lfh.org.uk/programmes/data-security-awareness/ or via the Electronic staff record.