Docstoc

C+DP_SHA_208_V7_Checklist_09-0 - Information Governance

Document Sample
C+DP_SHA_208_V7_Checklist_09-0 - Information Governance Powered By Docstoc
					           Information Governance Toolkit – Confidentiality and Data Protection Assurance Requirement 208 Checklist

Has the SHA mapped all flows of person identifiable information, assessed risks in line with Department of Health guidelines and put in place
                   safe haven procedures for all routine flows of person identifiable information to the organisation?
                                 L1                           L1                           L1                           L1                            L1

   SHA-wide           Has the SHA identified       Has the SHA begun to         Has the SHA assessed        Has the SHA taken             Does the SHA have
                      key areas generating         map and record flows in      risks in those flow         immediate remedial action     documented safe haven
                      routine flows of personal    these key areas?             methods as part of the      where significant risks are   procedures for key areas
                      information?                                              mapping process?            highlighted?                  receiving routine flows of
                                                                                                                                          personal information?

     Yes/No
     ( or X)

Has the SHA mapped all flows of person identifiable information, assessed risks in line with Department of Health guidelines and put in place
                   safe haven procedures for all routine flows of person identifiable information to the organisation?
                                  L2                          L2                           L2                           L2                            L2

    SHA-wide          Has the SHA identified all   Has the SHA mapped and       Has the SHA assessed        Does the SHA provide          Does the SHA ensure any
                      areas generating routine     recorded those flows?        risks in those flow         reports highlighting risk     significant risks are
                      flows of person                                           methods as part of the      areas to the Information      reported to the Senior
                      identifiable information?                                 mapping process?            Governance Steering           Information Risk Officer
                                                                                                            Group or similar?             (SIRO)?
     Yes/No
     ( or X)

Has the SHA mapped all flows of person identifiable information, assessed risks in line with Department of Health guidelines and put in place
                   safe haven procedures for all routine flows of person identifiable information to the organisation?
                                  L2                          L2                           L2                           L2                            L2

    SHA-wide          Does the SHA ensure all      Has the documented safe      Has the revised safe        Does the SHA ensure that      Does the SHA ensure that
                      risks are recorded in the    haven procedure been         haven procedure been        all relevant staff members    all relevant staff members
                      Risk Register?               updated to include all       approved by the Caldicott   have access to the safe       are aware of the location
                                                   routine receipts of person   Guardian and senior         haven procedures?             of safe havens?
                                                   identifiable information?    management?
     Yes/No
     ( or X)
Has the SHA mapped all flows of person identifiable information, assessed risks in line with Department of Health guidelines and put in place
                   safe haven procedures for all routine flows of person identifiable information to the organisation?
                                 L3                         L3                          L3                     L3                          L3

    SHA-wide          Does the SHA ensure        Does the SHA ensure that     Does the SHA monitor   Does the SHA ensure that   Are the safe haven
                      flows of person            records are updated to       compliance with safe   safe havens are not used   procedures and flows
                      identifiable information   reflect any changes in       haven procedures?      inappropriately?           subject to regular review?
                      are regularly reviewed?    flow methods, locations or
                                                 data items
     Yes/No
     ( or X)

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:0
posted:4/6/2013
language:Unknown
pages:2