Our information governance is provided by North Cumbria Integrated Care NHS Foundation Care Foundation Trust (NCIC).
More information about NCIC can be found by visiting: www.ncic.nhs.uk/
More information for staff and patients about the way in which your data is processed and stored can be found here:
- Counter Fraud, Bribery and Corruption Policy (Approved Sept 2019)
- Information Governance Code of Conduct
- Business Code of Conduct Policy (Approved Sept 2019)
- View Information Sharing Agreement
This sharing agreement has been created between organisations providing:
- Social Care
- Offender information (Prison)
- Support and Intervention for Youth Offenders
- Home Fire Assessments across Cumbria
A Caldicott Guardian is a senior person responsible for protecting the confidentiality of patient and service-user information and enabling appropriate information sharing.
The Caldicott Guardian for NHS Cumbria Clinical Commissioning Group is Medical Director Dr. David Rogers.
Acting as the 'conscience' of an organisation, the Guardian actively supports work to enable information sharing where it is appropriate to share, and advises on options for lawful and ethical processing of information.
The Caldicott Guardian has a strategic role, which involves representing and championing issues related to information sharing at Board or management team level.
Organisations that access patient records are required to have a Caldicott Guardian; this was mandated for the NHS by the Health Service Circular: HSC 1999/012. The mandate includes acute trusts, ambulance trusts, mental health trusts, Clinical Commissioning Groups (CCGs), special health authorities, commissioning support units and area teams. Caldicott Guardians were subsequently introduced into social care in 2002, mandated by Local Authority Circular: LAC 2002/2.
The Senior Information Risk Owner (SIRO) owns the CCG’s overall information risk policy and risk assessment process ensuring the CCG has a robust incident reporting process for information risks. The SIRO reports to the Governing Body and provides written advice to the Accounting Officer on the content of the Statement of Internal Control in regard to information risk.
The SIRO for NHS North Cumbria Clinical Commissioning Group is Chief Finance Officer Charles Welbourn.
NHS North Cumbria CCG is a ‘Data Controller’ under the Data Protection Act 1998. This means we are legally responsible for ensuring that all personal data that we hold and use is done so in a way that meets the data protection principles. We must also tell the Information Commissioner about all of our data processing activity. Our registration number is Z3582415 and our registered entry can be found on the Information Commissioner’s website.
All of our staff receive training to ensure they remain aware of their responsibilities. They are obliged in their employment contracts to uphold confidentiality, and may face disciplinary procedures if they do not do so. A limited number of authorised staff have access to personal data where it is appropriate to their role.
Our Information Governance and Data Protection Service is provided by
North Cumbria Integrated Care NHS Foundation Trust.