Oak House
Moorhead Way
Bramley
Rotherham S66 1YY
Request 1 –Have you clustered your freedom of information (FOI) process and if so
Response - No
Request a - What date did yourFOI process Cluster.
Response a – N/A
Request b - WhatPCTs are involved in your clustered process?
Response 1 –N/A
Request 2 - How many FOI requests have you received in the previous 12 months, either by each PCT or total Cluster
Response 2- 320
Request 3 - From thenumber supplied in question 2, how many were responded to in the 20 working day deadline
Response 3 - 201
Request 4 - From thenumber supplied in question 2, how many were sent for internal review
Response 4 - 3
Request 5 - From thenumber supplied in question 2, how many were sent to the Information Commissioners Office.
Response 5 - 1
Request 6 - How many full time staff do you have processing theFOI requests
Response 6 - 1
Request 7 - Who is responsible for theFOI process and what are their contact details
Response 7 – Mr Alan Tenanty -
Request 8 - Please provide a copy of theIG team structure and functions
Response 8 –
Key Governance Bodies /- The Information Governance agenda in NHS Rotherham is managed by the Information Governance Steering Group, which is chaired by the SIRO and reports to the Operational Risk, Governance & Quality Management Group
Resources / The key roles and responsibilities for the delivery of the Information Governance agenda in NHS Rotherham are identified in the table below:
NHS Rotherham Role / Information Governance Responsibilities
Deputy Chief Operating Officer /
- Information Governance lead
- Deputy SIRO (Senior Information Risk Owner)
- Chair of the NHS Rotherham Information Governance Steering Group
Head of IT /
- Information Governance Toolkit lead officer
- Deputy Caldicott Guardian
- Data Protection officer
Information Governance Manager /
- Records Management lead officer
- Confidentiality lead officer
- Data Quality Lead officer
- Privacy Officer
IT Project Manager /
- Registration Authority (RA) Manager
Head of Corporate Governance /
- FOI Lead Officer
RFT IT Service IT Projects Manager /
- Information Security lead officer
Head of Intelligence /
- Information lead Officer
Joint Agencies Information Sharing Officer /
- Lead officer for the development and maintenance of Rotherham wide information sharing policies and protocols
The roles identified above all work on the relevant components of the Information Governance Toolkit and contribute to the annual assessment.
Governance Framework / TheInformation Governance Departmentand relevant commissioned services are responsible for developing and maintaining policies, standards, procedures and guidance, coordinating and raising awareness of Information Governance and identifying and organising training,
All Managers within the Trust are responsible for ensuring that the policy and its supporting standards and guidelines are built into local processes and that there is on-going compliance.
Individuals working for the Trust, whether permanent, temporary or contractors have a personal common law duty of confidence to patients and to their employer. It is the responsibility of all staff to ensure that they are aware of the requirements incumbent upon them in relation to information governance and for ensuring that they comply with these on a day to day basis. A confidentiality clause is incorporated into all staff contracts.
Information Asset Owners (IAOs) have been identified for all of the organisations key information assets. The IAOs are required to routinely risk assess their information assets and these findings are reported to the SIRO.
Training and Guidance / Appropriate Information Governance Training delivered via the Information Governance Training Tool (IGTT) has been made available for all staff.
The Introduction to Information Governance course is mandatory for all staff.
The table below shows the discretionary training which is required for specific job roles:
Course / Resource / Recommended for / Duration
Information Governance & IG Management
(2 modules) / Introduction to Information Governance / Mandatory for All Staff / 1.5 hours
Information Risk Management
(3 modules) / NHS Information Risk Management: Introductory / Only for staff who work with Personal Identifiable Information (PID) / 1 hour
NHS Information Risk Management: Foundation / Only for SIRO’s and IAO’s / 1 hour
NHS Information Risk management for SIRO’s and IAO’s (Senior Information Risk Officer & Information Asset Owners) / Only for SIRO’s and IAO’s / 1 hour
Information Security
(3 modules) / Password Management / Only for staff who use computers / 0.5 hours
Information Security Guidelines / Only for staff who use computers / 1 hour
Secure Transfers of Personal Data / Only for staff who work with Personal Identifiable Information (PID) / 1.5 hours
Confidentiality and Caldicott
(1 module) / The Caldicott Guardian in the NHS and Social Care / Only for Caldicott Guardians / 1 hour
Progress with the completion of mandatory training is monitored and reported to board by the Learning and Development department as part of the mandatory training programme.
Incident Management / The management of information and IT related incidents in NHS Rotherham is incorporated within the Incident Reporting Policy and Procedure.
This Policy is brought to all staffs attention through the induction process.
A documented Information Security Risk Assessment and Management programme is in place and was approved by the Information Governance Steering Group in January 2012. This programme of work is managed by the Head of IT.
Request 9 - Have you or do you intend to, submit a business case with anFOI function, to the CCS and if so can I please have a copy
Response 9 –No