Concept Management have successfully passed the NHS Information Governance Toolkit Audit this month again. This is in line with other successful audits this month, such as QMS ISO:27001 and BSI Stage 2 ISO:27001.

Mark Wilding say’s ‘ This is testament to all the hard work from all our staff to achieve another industry accreditation and the reason we do these is to offer our client’s complete peace of mind knowing that all our processes are independently audited to a particular standard and none higher for the NHS than the IG Toolkit.’

What is the IG Toolkit? and what are the information governance requirements?
The Information Governance Toolkit is a Department of Health (DH) Policy delivery vehicle that the Health and Social Care Information Centre (HSCIC) is commissioned to develop and maintain. It draws together the legal rules and central guidance set out by DH policy and presents them in in a single standard as a set of information governance requirements.
There are different sets of information governance requirements for different organisational types. However all organisations have to assess themselves against requirements for:
– Management structures and responsibilities (e.g. assigning responsibility for carrying out the IG assessment, providing staff training, etc).
– Confidentiality and data protection.
– Information security.

The purpose of the assessment is to enable organisations to measure their compliance against the law and central guidance and to see whether information is handled correctly and protected from unauthorised access, loss, damage and destruction.
Where partial or non-compliance is revealed, organisations must take appropriate measures, (e.g. assign responsibility, put in place policies, procedures, processes and guidance for staff), with the
aim of making cultural changes and raising information governance standards through year on year improvements.
The ultimate aim is to demonstrate that the organisation can be trusted to maintain the confidentiality and security of personal information. This in-turn increases public confidence that ‘the NHS’ and its partners can be trusted with personal data.

Concept offer a Duty of Care pack to aid due diligence and this can be seen by clicking on our Accreditations page.

ARE YOU READY FOR GDPR?
CLICK HERE