INFORMATION GOVERNANCE  AND DATA Protection

Information Governance, (IG), is a framework for handling personal information in a confidential and secure manner to appropriate ethical and quality standards in a modern health service. It also provides a consistent way for employees to deal with the many different information handling requirements.
 

MMDA has a proven track record in supporting health and care organisations to achieve and maintain IG compliance and our IG Team are always prepared to provide answers, solutions, and improvements in a rapid, comprehensible, and manageable manner with our IG Compliance Plan.

The MMDA IG Compliance Plan is designed to ensure that your organisation meets its legal obligations and requirements concerning confidentiality and information security standards.

Our IG team will provide the expertise and experience necessary to ensure that your organisation has the highest quality IG Management and Data Protection Officer services to ensure you have an effective and efficient IG programme which supports current legislation.
 

How can our IG services support you?

Our IG team are BCS Data Protection Practitioner Level qualified with years of experience from a variety of NHS organisations and are well-versed in all related legislation and national standards, including: Data Protection Act 2018 UK General Data Protection Regulation The Common Law Duty of Confidentiality A Guide to Confidentiality in Health & Social Care 2013 Records Management Code of Practice for Health & Social Care 2016 The National Data Guardian Review of Data Security, Consent and Opt outs.

Here's an overview of the support we can offer you and your team:

• Data Protection Impact Assessments (DPIAs) assistance – mandatory under UK GDPR that risks are assessed where personal data is being processed
   
• Sharing and processing data with other NHS Partners and 3rd Parties – there must be a legal basis to do so
   
• Annual training – ensuring staff are up to date and compliant with legislation and the Data Security and Protection Toolkit
   
• Contracts – relevant UK GDPR clauses must be included in contracts
   
• Data Processing Agreements (DPA) – ensure these are in place of required
   
• Bespoke Training – usually following a serious incident or persistent incidents
   
• Audits & Spot Checks - to ensure IG controls have been implemented
   
• Record Management advice
   
• Regular Data Protection updates / communications

How can our Data Protection services support you?

All organisations who handle data, must have a named DPO who must be:

• Independent
• An expert in data protection
• Adequately resourced
• Report to the highest management level
   

The DPO must be able to undertake the following tasks, as described in Article 39 of the UK GDPR:

• Inform and advise you and your employees about your obligations to comply with the UK GDPR and other data protection laws
• Monitor compliance with the UK GDPR and other data protection laws, and with your data protection polices, including managing internal data protection activities; raising awareness of data protection issues, training staff and conducting internal audits;
• Advise on, and to monitor, Data Protection Impact Assessments
• Co-operate with the supervisory authority and
• Be the first point of contact for supervisory authorities and for individuals whose data is processed (employees, customers etc).

How can our IG Consultancy support your service?

Information Governance, Data Protection, and Cyber Security are complex practices that involve a wide-variety of legislative and compliance obligations– there is no one-size-fits-all model to IG management.

MMDA recognises that IG and Data Protection compliance is vital, but can be time-consuming and may provoke worry and doubt due to its complexity and specialist legal knowledge that is required.

Mid Mersey Digital Alliance offer a bespoke, flexible, and streamlined consultancy service that provides a clear, concise process of review, recognise, recommend designed to identify any gaps in your IG processes, suggest improvements, and help you to implement them.

We have supported many health and care organisations to achieve and maintain IG compliance and our IG Team will provide answers, solutions, and suggest improvements in a rapid, comprehensible, and manageable manner with our IG Compliance Plan

The MMDA IG Compliance Plan will detail our findings and describe suggested actions required to ensure that your organisation meets its legal obligations and requirements concerning confidentiality and information security standards

Why not let us undertake an audit to determine your organisation’s IG compliance. MMDA have supported many health and care organisations to achieve and maintain IG compliance and our IG Team are always prepared to provide answers, solutions, and improvements in a rapid, comprehensible, and manageable manner with our IG Compliance Plan, which will support your organisation in ensuring it meets its legal obligations and requirements concerning confidentiality and information security standards.

Our independent consultancy service will provide a comprehensive overview and evaluation of your organisation’s current IG level of compliance with suggested recommendations in order to generate and sustain a robust IG framework.

MMDA have a proven track record of assisting organisations of all scope and sizes in implementing an effective and efficient IG framework, achieving IG compliance, and submitting all necessary documents and assessments on-time and to a high standard.