News on Information Governance rarely captures the hearts of social care practitioners around the UK. The absolutely confidential nature of peoples individual data is held dear to organisations, but the management of how that is achieved varies significantly across providers.
The spotlight on practice is about to intensify – with laser beams shining in on providers from a range of regulatory and statutory sources.
Firstly, the CQC have ramped up their focus on this area, with a brand new Key Line of Enquiry/prompt included under Governance and Management section of the Well Led heading.
How does the service assure itself that it has robust arrangements (including appropriate internal and external validation) to ensure the security, availability, sharing and integrity of confidential data, and records and data management systems, in line with data security standards? Are lessons learned when there are data security breaches?
All providers being inspected as of the 1st November 2017 onwards will be asked about this, and this is seen to be bringing social care practitioners more in line with health colleagues.
This leads to the second external driver to focus in on Information Governance, which comes in the form of a recent circular
put out by the Department of Health. Whilst NCF are in the process of seeking more clarification of the ‘on the ground’ interpretation of this – particularly from April 2018 onwards - the thrust of the message appears to be that ALL social care providers will be required to comply with the newly revised Information Governance toolkit – to be known in the future as the Data Security and Protection Kit. This is a massive shift in requirement, as compliance with this was previously only the preserve of organisations under contract with the NHS, and even then some research carried out on behalf of CPA earlier in the year indicated relatively limited compliance with the Information Governance Toolkit. The full details of future requirements are hinted at in this circular
, with an associated timeline – and this is an area that we will be bringing more detail to you as soon as it becomes available.
The pull side of this potential blanket requirement is the opportunities that this will then open up for social care providers in relation to accessing a wide range of resources which will support greater integration of data between health and social care. These include the ability to access NHS mail accounts, gain access to the secure Health and Social Care Network, and potential access to Summary Care Records, Discharge plans etc…. There is limited piloting of this happening at present, but early indications do show that these greater opportunities for swift, secure and effective interchange are improving the lives of people in receipt of services. Also compliance with the new toolkit is intended to provide you with a sufficiently robust system overview to comply with the final chapter in this instalment on Information Governance – the countdown to the changes in data protection legislation….
As noted, the arrival of the General Data Protection Regulations (coming into force on the 25th May 2018) looms large over the sector. It is very important that members who have not already begun to think about how this might affect their services begin to take note. NCF are going to be running a series of events on this, alongside issues of Information Governance over the coming months. The first of these will be on the 14th December in Birmingham and the 15th December in London. Full details will be circulated in the next day or so, and members are encouraged to book on these asap.
At last week Managers Conference, a workshop on this key issue was held and members can access the slides from that presentation here
to give you an overview of what changes the new regulations will bring and how you can begin to prepare.
Finally, at NCF, we are very involved in a wide range of programmes exploring the shifts in data, regulation, governance and integration – and we are always in need of providers to get involved in testing and exploring the implications of these for the sector – if you or colleagues would be happy to get involved, then contact Vic directly on email@example.com