Information Governance Checklist and Review Form

NHS Trust

Introduction

This document summaries the Information Governance related review and risk assessment that has been conducted at NHS Trust prior to go-live of the locally deployed Clinical Dashboard system. Full details of the Information Governance approach are provided in the programme documentation.

Source Systems Summary

The following table list the source systems that feed data into the Dashboard System together with a number of key IG characteristics.

Source System Name / Brief description of data being provided / Is patient level data included / Are smartcards used to control access to the source system / Data owner / Notes
System 1 / Accident & Emergency Data / Y / N / NHS Trust
Etc.

Data Sharing Agreements

If any of the data sources are external to the Trust who are deploying the system please add confirmation that appropriate data sharing agreements are in place. If this does not apply please update to specify that no data sharing agreements are required.

Data Use Cases

The programme IG approach document details a number of dashboard types and data access use cases, a summary of those that apply to this Trust’s deployment must be documented here.

The Dashboards types within this deployment will be as follows :

Dashboard Type / Data Access Provided
Public Dashboard
(Display provided in public area, no ability for public to interact with the dashboard) /
  • Aggregated data
  • No statistical or anonymised data
  • No patient identifiable data
  • No patient specific clinical data

Team Dashboard
(Dashboard application provided for individual users or for access on a team workstation in a restricted area. Any drill down will provide consistent levels of data access e.g. no Patient Identifiable data) /
  • Aggregated data
  • Statistical data
  • Anonymised data
  • No patient identifiable data
  • No patient specific clinical data

Individual Dashboard
(Dashboard application only available to an authorised user who is explicitly authenticated) /
  • Aggregated data
  • Statistical data
  • Patient identifiable data
  • Clinical data

( Please delete those rows not used and highlight any differences to the standard data access provided if required)

The data uses cases that apply to this deployment are as follows :

Area of system / Applicable Data Use Cases / User Groups that have access / Notes
Entry – Screen 1 / C / All / No Patient Data
Urgent Contacts – Screen 2 / E, F / All NHS Trust Users / Users will only get access to patient data for the practice(s) they have authorisation to view.
Practice Improvement Programme – Screen 3 / C / Bolton standard user - PIP Only / No Patient Data
Disease Registers – Screen 4 / C / Bolton Practice user / ? Do you get drill down to Patient data from here
Admin/Data Confidence – Screen 5 / J, K / Administrator Only

Review and Approvals

This document summarises the Information Governance review that has been conduction by NHS Trust, including any controls and risk reviews.

Approval of this document confirms that the IG Approach document has been read and understood by the IG manager and/or Caldicott guardian and any variance from that approach is documented within this review form.

Name / Title / Signature / Date
< Add name of IG Manager or Caldicott guiardian >