Knowing how to protect peoples’ personal health information, in a way that ensures highly sensitive health records are stored and used properly, is covered in a new guide published today by the Health Information and Quality Authority.

“The recent documented cases where people’s personal records have been found in bins and bogs is evidence that private information is being lost and/or disposed of inappropriately. This is unacceptable and leads to a breakdown of people’s trust,” said Professor Jane Grimson, Director of Health Information with HIQA.

What You Should Know about Information Governance: a Guide for Health and Social Care Staff provides information and guidance for people working in health and social care services to support good management of personal health information.    

“Ultimately, any organisation providing health or social care should be able to clearly show that it can be trusted to maintain the confidentiality and security of the personal information of its patients,” Professor Grimson said.

“Good information governance is a core component of safer better healthcare. It is not something that takes place in isolation, or separate from healthcare provision, but underlies safe effective care. This is what our new Guide focuses on.” Professor Grimson continued.

HIQA’s new Guide gives practical information for health and social care providers around the management of information. The Guide is accompanied by a self-assessment tool which is designed to highlight areas where urgent action is required or where improvements may be made. They are an important step in assisting organisations meet the baseline requirements in information governance.

Healthcare is information-intensive, creating a huge amount of data, including patient records and test results, every day. It is estimated internationally that almost 30% of the total health budget is spent on handling information, collecting it, looking for it or storing it. In the current economic climate it is more important than ever that information is managed in the most effective way possible in order to ensure a high quality, safe service for the public.

HIQA has also published guidelines on Privacy Impact Assessments. This is a process which looks at the use of patient’s private and confidential information to see what the risks to it are and how to protect that sensitive information. As people have a right to privacy, confidentiality and security of their personal health information it is important that everyone with access to this type of information knows how to protect it.

ENDS

Further Information: 

Marty Whelan, Head of Communications and Stakeholder Engagement
01 8147481/ 086 2447623 or email mwhelan@hiqa.ie

Notes to the Editor: 

• At its heart, information governance is about setting a high standard for the handling of personal health information and giving organisations the tools they need to achieve that standard.
• Good information governance allows organisations and individuals make sure that personal information such as that contained in a healthcare record is handled legally, securely, efficiently and effectively in order to deliver the best possible care to people who use health and social care services.
• Good information governance also helps organisations make sure that the information they have access to is used ethically. This means showing, at all times, the proper respect for the person to whom the information relates.

Key Points for People working in health or social care services

• Information Governance is the responsibility of all staff. You must have respect and regard for the privacy, confidentiality, security and quality of all personal health information.
• It is the responsibility of all organisations to comply with the law, for example to comply with the obligations conferred on organisations by the Data Protection Acts 1988 and 2003. Your organisation can work towards achieving this by assigning responsibilities for information governance issues to named staff, and by ensuring that all staff are made aware of their individual responsibilities and of any penalties for non-compliance.
• Information Governance ensures that personal information is dealt with legally, securely, efficiently and effectively. It is important that you:
  • Understand what information governance is
  • Know how information governance applies to your role
  • Do your best to improve and encourage good practices in your department
  • Support information handling improvements across your organisation
  • Be receptive to the change process
  • Be a team player
  • Ensure your patients and service users are fully informed
  • Take advantage of training and development opportunities.

Guidance on Privacy Impact Assessment in Health and Social Care

Available to download from www.hiqa.ie, this Guidance shows service providers how to ensure that they protect the privacy rights of the people using their services and to assist them in strengthening their own governance arrangements around health information. Privacy impact assessments (or PIAs) also bring value and cost savings to healthcare projects. When conducted in the early stages of work, PIAs can demonstrate whether or not a project meets legal requirements for the storage of personal information and is viable to continue with before significant investment is made.