Add to collection(s) Add to saved
  1. Business
  2. Management
  3. Project Management

DATA PROTECTION ACT 1998 – IMPLEMENTATION PROJECT

advertisement 
DATA PROTECTION ACT 1998 – IMPLEMENTATION PROJECT
Project Initiation Document
Background
The main provision of the Data Protection Act 1998 came into force on 23 October 2001
although certain provisions relating to manual records are deferred until 23 October 2007.
The Act replaces the existing Data Protection Act 1984 and most of the Access to Health
Records Act 1990.
Scope
To identify the Trust’s responsibilities under the Data Protection Act 1998, to review the
existing policies and procedures for data protection established by the Trust and to revise
and consolidate these policies and procedures as appropriate to meet the requirements of
the Act. Appropriate links, and decisions about lead responsibility, will need to be made with
projects focusing on information security and on Caldicott/confidentiality as many of the Data
Protection requirements also apply to these work areas.
Benefits
The project will ensure that the Trust complies with its legal obligations and with good
practice on data protection and confidentiality issues. The risks of legal or other action
against the Trust and/or adverse publicity will be minimised.
Products/Deliverables
1.
To revise the Trust policy statement on Data Protection, and to identify the
individuals responsible for ensuring the Trust’s compliance. Product = policy
statement; management arrangements statement
2.
To review the procedures for ensuring the right of subject access for patients and
other members of the public. Product = product document
3.
To review the procedures for ensuring the right of subject access for members of
the Trust’s staff. Product = procedure document
4.
To establish means to ensure that patients (and other members of the public) are
adequately informed about the Trust’s uses of personal data and their rights of
subject access. This to be delivered as a joint product with work to satisfy
confidentiality/consent requirements. Product = publicity material
5.
To establish means to ensure that staff are adequately informed about the Trust’s
uses of personal data and their rights of subject access. Product = publicity
material
6.
To review all existing holdings of personal data within the Trust. Products =
inventory of personal data held; DP Act notification amendment if necessary
7.
To establish procedures to identify changes and additions to holdings of personal
data within the Trust. Product = procedure document
8.
To promote and maintain awareness of data protection, confidentiality and
information security issues throughout the Trust. This to be delivered as a joint
product with work to satisfy confidentiality and information security requirements.
Products = briefing notes; training presentations
Roles and Responsibilities
Project Manager:
Project Team:
The project will report to the Information Governance Steering Group
The project team will form working groups with appropriate membership to address specific
products/deliverables
Resources
Support to the project will be provided by the Senior Information Officer and the support staff
of the Confidentiality & Security Manager (all posts already funded)
Timescales
The project team will ensure that all policies and procedures are in place by [date]. The
project team will draw up a timetable which may include earlier deadlines for certain
deliverable
Risks
The Trust Board are corporately and personally liable for offences under the Data Protection
Act. Non-compliance with the Act may also result in adverse publicity for the Trust.
Quality Plan
The quality assurance role will be undertaken by the Information Governance Group
Controls
The project will additionally be monitored by the IM&T Programme Board
Constraints
The project must address all of the requirements for Data Protection compliance outlined in
the NHSIA Information Governance toolkit, and progress must be recorded appropriately
within the toolkit performance assessment facility by [date] .
Interfaces
The project will take account of:

Data Protection policies and procedures in other organisations within the local health
community
And parallel work to address information governance requirements relating to:




Caldicott/Confidentiality
Information Security
Information Quality Assurance
Records Management
Related documents
Observation of Associate Teacher by Student Teacher
Observation of Associate Teacher by Student Teacher
Information Security policy
Information Security policy
Confidentiality
Confidentiality
Confidentiality Agreement for Staff
Confidentiality Agreement for Staff
Developing Effective Communication in Health and Social Care
Developing Effective Communication in Health and Social Care
Medical Imaging Data Access and Sharing Meeting 18 March 2009
Medical Imaging Data Access and Sharing Meeting 18 March 2009
Confidentiality Statement - The Center for Children and Families
Confidentiality Statement - The Center for Children and Families
CONFIDENTIALITY REQUIREMENTS FOR OBSERVATION
CONFIDENTIALITY REQUIREMENTS FOR OBSERVATION
confidentiality policy - Healthwatch Lancashire
confidentiality policy - Healthwatch Lancashire
HST 132-Chap 2
HST 132-Chap 2
confidentiality - Learn @ Coleg Gwent
confidentiality - Learn @ Coleg Gwent
Wagner College Confidentiality Agreement
Wagner College Confidentiality Agreement
Confidentiality Agreement
Confidentiality Agreement
What is Information Governance?
What is Information Governance?
Information Governance Policy
Information Governance Policy
caldicott_protocol
caldicott_protocol
Presentation on Communication
Presentation on Communication
1.02 Team Communication
1.02 Team Communication
Confidentiality policy - Clifton Medical Practice
Confidentiality policy - Clifton Medical Practice
PsychologyOnline.co.uk
PsychologyOnline.co.uk
Information-Handling-Standard
Information-Handling-Standard
SPG Update- October 2012
SPG Update- October 2012
Download
advertisement