Purpose
The purpose of the Information Governance Board is to oversee BrisDoc’s Information Governance agenda by:
- Ensuring that an appropriate and comprehensive information governance framework is in place and being maintained in line with national standards
- Maintaining Information Governance Strategy, policies and guidance material
- Reviewing the annual Information Governance Toolkit assessment and its submissions
- Coordinating the activities of staff given data protection, confidentiality, information security, information quality, records management and Freedom of Information and Subject Access responsibilities
- Offering support, advice and guidance concerning Information Governance/Security, Freedom of Information, Subject Access and Data Protection issues
- Monitoring information handling activities to ensure compliance with law
- Ensuring that information governance and information security training is made available and is taken up by staff as necessary to support their role
- Providing a focal point for the resolution and/or discussion of Information Governance issues
- Monitoring reviews/audits relating to information governance and adherence/development to relevant standards
- Providing support and guidance to the Caldicott Guardian on matters of data protection and confidentiality
- Reviewing and discussing lessons learnt from information governance incidents to ensure the risk of future incidents is mitigated
- Developing appropriate resilience and recovery arrangements for systems, based on assessed risks to information and its perceived value, to ensure that availability of information is not compromised.
- Ensuring staff are equipped to handle information respectfully and safely, according to the Caldicott Principles
- Ensuring the organisation proactively prevents data security breaches and responds appropriately to incidents or near misses
- Ensuring technology is secure and up to date
Effectiveness Measures
Compliance to appropriate legal and regulatory requirements.
Policy compliance via audit
Low incident rate related to IG
Metrics
The IGB will review the quarterly IG Dashboard
- Compliance to DPST
- Training
- IG related incidents
- Data Sharing agreements
- Remote workers (for information)
Arrangements for Chairing the Board
The IGB will be chaired by BrisDoc’s Programme and Service Director. A deputy will be appointed in the absence of the Chair.
Membership
The core membership of the Group will be comprised of:
- Caldicott Guardian
- Senior Information Risk Officer (SIRO)
- Information Security Manager (ISM)
- Financial and Corporate Information Lead
- Practice Manager – Broadmead Medical Centre/Homeless Health
- Practice Manager – Charlotte Keep Medical Centre
- Head of Integrated Urgent Care (IUC) Service
- Governance Manager
- Programme and Service Director
- People Partner
Quoracy for Decision Making
A meeting will be quorate when there is present at least the chair, and a manager representative from each of BrisDoc’s services (including via video-consultation). If this is not possible, decision making will proceed on the proviso that each service has been consulted on key decisions.
Frequency of Meetings
Meetings will be held quarterly. A schedule of dates will be agreed on an annual basis so that members can prioritise the meetings accordingly in diaries.
Exceptional Business
In exceptional circumstances, for the purposes of urgent and/or important business that merits consideration and review by the IGB between meetings, email/conference call communication will be used.
Accountability, Reporting and Relationships
The IGB is accountable to BrisDoc’s Corporate Leadership Board and will provide assurance and exception reporting as required.
Review
The TOR for the SQG will be reviewed annually.
Version Control
Version | Date | Author | Changes Overview |
2 | 28.07.2022 | DL | General review and move onto new template |
2.1 | 03.10.23 | DL | Annual Review |
Agenda Template
Number | Item | Presenter |
1 | Minutes and Actions from last meeting | Chair |
2 | IG Training | People Partner |
3 | Past scenarios for learning/questions (please bring) | All |
4 | IG Work for Next Period | Chair |
5 | IG Dashboard Review – by exception | Governance Manager |
6 | New Information Assets or Data Flows | Chair |
7 | Information Asset/PIA Reviews | Chair |
9 | Remote workers (for information) | Chair |
10 | DPO input | Chair |
11 | Data Security and Protection Risks Review | Chair |
12 | AOB | All |
13 | Next Meeting | All |