Our information governance is provided by North Cumbria Integrated Care NHS Foundation Trust (NCIC).
More information about NCIC can be found by visitng the following website: www.ncic.nhs.uk
NHS North Cumbria CCG is a ‘Data Controller’ under the Data Protection Act 1998. This means we are legally responsible for ensuring that all personal data that we hold and use is done so in a way that meets the data protection principles. We must also tell the Information Commissioner about all of our data processing activity. Our registration number is Z3582415 and our registered entry can be found on the Information Commissioner’s website.
All of our staff receive training to ensure they remain aware of their responsibilities. They are obliged in their employment contracts to uphold confidentiality, and may face disciplinary procedures if they do not do so. A limited number of authorised staff have access to personal data where it is appropriate to their role.
Our Information Governance and Data Protection Service is provided by
North Cumbria Integrated Care NHS Foundation trust
The Caldicott Guardian for NHS Cumbria Clinical Commissioning Group is Medical Director Dr. David Rogers.
A Caldicott Guardian is a senior person responsible for protecting the confidentiality of patient and service-user information and enabling appropriate information sharing.
Acting as the 'conscience' of an organisation, the Guardian actively supports work to enable information sharing where it is appropriate to share, and advises on options for lawful and ethical processing of information.
The Caldicott Guardian has a strategic role, which involves representing and championing issues related to information sharing at Board or management team level.
Organisations that access patient records are required to have a Caldicott Guardian; this was mandated for the NHS by the Health Service Circular: HSC 1999/012. The mandate includes acute trusts, ambulance trusts, mental health trusts, Clinical Commissioning Groups (CCGs), special health authorities, commissioning support units and area teams. Caldicott Guardians were subsequently introduced into social care in 2002, mandated by Local Authority Circular: LAC 2002/2.
Senior Information Risk Owner (SIRO)
The SIRO for NHS North Cumbria Clinical Commissioning Group is Chief Finance Officer Charles Welbourn.
The Senior Information Risk Owner (SIRO) owns the CCG’s overall information risk policy and risk assessment process ensuring the CCG has a robust incident reporting process for information risks.
The SIRO reports to the Governing Body and provides written advice to the Accounting Officer on the content of the Statement of Internal Control in regard to information risk.
Information Governance Documents
|Business Code of - Conduct Policy - Approved Sept 2019.pdf||462.59 KB|
|Counter Fraud, Bribery and Corruption Policy - Approved September 2019.pdf||510.76 KB|
|Information Sharing Agreement - Cumbria.pdf||350.89 KB|
|Information Governance Code of Conduct.pdf||831.33 KB|
|Fraud Insight newsletter.pdf||1,093.29 KB|
|audiotone counter fraud poster.pdf||1,932.53 KB|
The sharing agreement has been created between organisations providing:
- Social Care
- Offender information (Prison)
- Support and Intervention for Youth Offenders
- Home Fire Assessments across Cumbria