One of the main objectives of the NDR programme is to build a new national data platform to help give health and care professionals access to better information about our services. The NDR will provide the functionality to enable health and care professionals and analysts to use information to better understand the full picture of the nation’s state of health. But what’s needed to support this? And most importantly, how do we demonstrate to our citizens that their data is protected in the process?
The four cornerstones to successful Information Governance (IG) are accountability, transparency, protection and compliance. Accountability makes us responsible for complying with the legislation and says that we must be able to demonstrate our compliance with high standards for privacy. We also exercise the rights of individuals’ and give people greater control over their data. Being open and honest about what we do with personal data support contracting and data sharing with third parties.
Another key aspect is the protection from data breach, corruption and loss of data to protect our citizens’ data. Finally, the NDR and its users have a duty to comply with applicable laws, regulations, standards, and organisational policies. The NDR’s credibility and legal standing rest upon its ability to demonstrate that it conducts its activities in a lawful manner and manages information risks effectively.
One of the NDR’s current projects is to implement an IG Framework. The aim of this project is to ensure there are robust processes in place for any NDR project utilising personal identifiable information and pseudonymised data sets. Through this process we can ensure the projects and services meet the required standards in relation to the cornerstones for lawful processing and for the protection of our citizens’ data, creating trust and confidence with the systems and services we offer.
What do you think is needed to support PMOs with documenting these requirements and building a strong governance infrastructure?