Caldicott - Acute Trusts Knowledge base

Document Sample
Caldicott - Acute Trusts Knowledge base Powered By Docstoc
					        Information Governance Management - Ambulance Trusts

                                  Requirement 107

Does the AMT have in place comprehensive Information Lifecycle Management
 (ILM) Policy, which includes the process for managing risks associated with
clinical records on all media, and associated Strategy and Improvement Plans
                          all signed off by the Board?

All NHS organisations should have in place an organisation wide Information
Lifecycle Management (ILM) Policy, which includes the process for managing
risks associated with clinical records on all media. A strategy for implementing
the policy should also be in place that identifies the resources needed to
ensure records of all type are properly controlled, tracked, accessible and
available for use and for eventually archiving or otherwise disposing of
records. Both documents should be in line with the principles contained within
the NHS Records Management Code of Practice. Without a comprehensive
approach the AMT will be unable to fully implement the Freedom of Information
Act 2000 requirements.

What is meant by “Information Lifecycle Management?

Information Lifecycle Management (ILM) is the policies, processes, practices,
services and tools used by an organisation to manage its information through every
phase of its existence, from creation through to destruction. Record management
policies will form part of an organisation’s ILM, together with other processes, such
as for example, a records inventory, secure storage, records audit etc. The main
principles of ILM are (a) that it applies to information in paper and other physical
forms, e.g. electronic, microfilm, negatives, photographs, audio or video recordings
and other assets and b) that it relates to the 5 distinct phases in the life of
information; creation, retention, maintenance, use and disposal.

An Information Lifecycle Management Policy
An Information Lifecycle Policy is a high level document which sets out the AMT’s
policy towards the management of its information. Organisations may already have
in place a Records Management Policy that encapsulates some of these elements,
but will need to ensure that such a policy reflects the broader definition of ILM as
outlined above or supports a separate ILM policy. The policy should include the
process for managing risks associated with clinical records on all media. Once
agreed the policy document should be endorsed by the Board and signed off by the
Chief Executive.

Key elements

      Record Creation, Keeping and Maintenance
      Quality
      Disclosure and Transfer

                                     Page 1 of 5
       Retention and Disposal
       Storage, Archiving and Scanning

Key content

       A section specifying why the Policy is required
       An description of how information will be handled by the AMT
       A description of accountability and responsibility for the policy
       A process for monitoring the Policy
       Staff duties and responsibilities for Records Management
       A description of how the elements of ILM link together
       The process for managing risks associated with clinical records on all media
       Actions to be taken if the Policy is breached

Information Lifecycle Strategy
An Information Lifecycle Strategy is the way the AMT will deliver its ILM policy and
take action to demonstrably improve its performance in managing information. In
developing and documenting a strategy, key considerations should be:

       What resources and operational arrangements will be necessary to support
        adequate delivery of the AMT’s policy
       How existing systems and processes will integrate with this or be otherwise
       How ownership of the Strategy will be ensured
       What mechanism will be used to review the Strategy
       How the Information Lifecycle Strategy will link to other organisational

Before a comprehensive strategy can be developed the AMT must analyse its
business activities and determine the types of records it has within the organisation.
See Requirement 604 – Audit of Corporate Records and Information.

Many of the AMTs business activities are subject to legal provisions, regulations and
Department of Health Standards which specify the way in which information must be
recorded and presented e.g. financial records. These provisions should be
acknowledged so that the completed strategy does not direct employees to act
otherwise than in accordance with the relevant law, regulations and guidance.

The Strategy Document
The Strategy should address the AMT’s future plans for improving records
management practice throughout the organisation, for example, providing:-

   1.   clear guidelines on records storage
   2.   processes for record creation
   3.   staff training on record keeping issues
   4.   formal procedures for closure and retention of records
   5.   formal procedures for safe and secure disposal of records on all media.

The AMT should assess whether the strategy fully support the requirements of
Freedom of Information Act 2000 and if it does not the AMT should ensure that the
strategy is redrafted to meet these requirements. For example the AMT may have a

                                     Page 2 of 5
documented strategy for addressing health records management but not corporate
records. The Act requires that organisations provide certain information on request
and publish a Publication Scheme; therefore the strategy must be comprehensive
enough to support these aims.

Improvement plans

   Level 1
    The AMT should develop an Information Lifecycle policy or have in place a robust
    and comprehensive Records Management Policy, which includes the process for
    managing risks associated with clinical records on all media, including those
    associated with the disposal of records. The policy should be supported by a
    documented strategy and implementation plan.

   Level 2
    The AMT should provide documentary evidence that the strategy is being
    implemented e.g. good progress against planned work areas, including around
    secure disposal of person identifiable records. The strategy should also be
    integrated with risk management processes.

   Level 3
    The AMT should keep the Board updated with progress against implementation
    plans and ensure annual review and sign off of Information Lifecycle Policy and
    Strategy documents.

Requirement checklist

IGM_AMT_107_V7_Checklist 09-02-05.doc

Key Guidance Document(s):

The NHS Records Management Code of Practice
The Code is a guide to the required standards of practice in the management of
records for those who work within or under contract to NHS organisations in England.
It is based on current legal requirements and professional best practice. The
guidance applies to all NHS records and contains details of the recommended
minimum retention period for each record type. HSC 1999/053 has now been

The Ministry of Justice
The Ministry of Justice is responsible for freedom of information policy in the UK, and
for development of the framework for the Act including the provision of guidance and
best practice to public authorities and information applicants. A code of practice was
issued by one of the Ministry’s predecessor organisations, the Lord Chancellor’s
Department. The code and other materials are still hosted on the DCA website but
are due to be moved to the Ministry’s pages in due course, in the meantime the code
can be accessed via the following hyperlink:

                                     Page 3 of 5
The Lord Chancellor’s Code of Practice on the Management of Records, issued
under section 46 of the Freedom of Information Act 2000
This Code sets out the practices that organisations should follow in relation to the
creation, keeping, management and destruction of their records.

The National Archives
The National Archives (TNA) has developed and published a significant amount of
guidance for use by records managers within the public sector. Although some of the
earlier publications were written specifically for a central government audience, a lot
of the guidance is generic and should assist records managers in the health and
social care setting.

The National Archives produces standards and guidance on all aspects of records
management, including The National Archives: Complying with the Records
Management Code: evaluation workbook and methodology, developed to assist
public authorities in assessing conformance of their record management systems to
the Lord Chancellor’s Records Management Code.

NHSLA: Risk Management Standards for Ambulance Trusts

British Standards Institute (BSI)
The following records management standards and guidance, amongst others, are
available from BSI. For further information see the BSI website

BS-ISO 15489: Information and documentation – Records management

BIP 0025:1 to 3 – guides to BS-ISO 15489

BS 5454:2000 - recommendations for the storage and exhibition of archival

PD 0024:2001 - A guide to the interpretation of BS 5454:2000

BIP 008:2004 Code of practice for the legal admissibility and evidential weight of
information stored electronically

Bite size GPG on Secure Disposal of Media.

Exemplar materials:

NHS CFH MODEL Records Management Policy.doc

NHS CFH MODEL Records Management Strategy.doc

NHS CFH MODEL Records Inventory Template.doc

Guidance on Secure Disposal of Media

Useful website:

The Records Management Roadmap

                                     Page 4 of 5
The Roadmap comprises of ‘how to’ materials in the form of templates and checklists
to assist organisations in developing and implementing solid records management

                                    Page 5 of 5

Shared By: