[Insert your logo here]
BUSINESS CASE TEMPLATE
Provision of Information Governance Support
[insert organisation name]
This document provides a template that can be used to secure commitment from the
Board or from senior management for additional resources to support Information
Governance or to effect changes to the Information Governance framework. The
template, which can be tailored to the needs of individual organisations, allows you
to set out the potential benefits, (financial and non-financial), the costs, and the
prospective strategy for strengthening resources and for improving performance on
Information Governance generally across the organisation.
[Note: Prompts have been inserted into this document to indicate the type of information you may wish to consider
inputting within each section.]
Business case – Objectives and scope
This document sets out the options for the provision of new or additional resources to
support and strengthen Information Governance arrangements within [insert the name
of your organisation].
It explains the concept of Information Governance and presents a compelling case for
change / additional resources to support the existing and future operational needs of the
organisation, including:
1. The current configuration of Information Governance responsibilities
2. How Information Governance contributes to the organisation’s business strategy
and objectives
3. Why additional resources are needed and the options for achieving these.
4. The strategic benefits to be realised
5. The strategic risks of not obtaining resources
6. The critical success factors and how they will be measured.
Information governance is the term used to describe the standards and processes for
ensuring that organisations comply with the law, regulation and best practice in handling
and dealing with information. Important elements of information governance for NHS
bodies are derived from legislation and common law i.e. Common law duty of confidence
• Computer Misuse Act 1990 • Access to Health records Act 1990 • Data Protection Act
1998 • Human Rights Act 1998 • Freedom of Information Act 2000 • Health and Social
Care Act 2001 • Electronic Communications Act 2000 • NHS (GMS Contracts)
Regulations 2004 and NHS (PMS Agreements) Regulations 2004 and the APMS
Directions
1. Current configuration of Information Governance within the
Organisation
[Describe the organisation’s main aims, organisational structure and key responsibilities for Information Governance]
[Describe the main aspects of the Information Governance strategy, strategic plan, programmes and projects]
[Outline the current service delivery arrangements, contracts with external service providers, the in-house function, where
applicable. Include details of relevant IG initiatives and standards where relevant and/or any constraints that need to be
addressed (such as specific expertise, access to IT systems and infrastructure, physical location etc.)]
2. Contribution to key objectives
[How well does the proposed way of meeting IG requirements support the organisation’s objectives and current priorities?
If it is a poor fit, can the scope be changed? Are additional resources needed at all or can current resources be
maximised through re-structuring, re-deployment, re-training etc].
[Describe how a successful outcome to this business plan will contribute to key objectives – e.g. ‘support Risk
Management agenda, supports modernisation agenda by providing expert training for key staff in front line delivery]
Stakeholders
[Outline the main stakeholder groups and their contribution to Information Governance in the organisation. Note any
potential conflicts between different stakeholder groups and their demands]
3. Why additional resources are needed and the options for
achieving these.
Business case
[Describe the business need that will be met by the additional resources and why these resources are needed now – e.g.
to be able to fulfil new obligations for Information Governance in Prison health/ Information Governance Assurance
Programme/ Paper Light/ Statement of Compliance etc. because current resources already overstretched/ unavailable
etc].
[Summarise the potential scope of how resources could be obtained/ deployed in regard to:

the minimum resource needed to meet the immediate business need

intermediate or interim option/s

the full scope of proposed changes/ resource (the widest potential change that would meet the need, perhaps
taking a longer term view].
Economic case
This sets out the options that have been considered within the broad scope identified in
response to the organisation’s existing and future business needs. It aims to arrive at the
optimum balance of cost, benefit and risk.
[Set down the high level cost/benefit analysis of (ideally) at least three options for meeting the business need (where
applicable); include analysis of ‘soft’ benefits, i.e. non- financial; identify preferred option and any trade-offs. Note that
options appraisal must be carried out in detail before selecting a preferred option.
Questions to consider:
• Has a wide range of options been explored?
• Have innovative approaches been considered and/or collaboration with others?
• If not, why not?
• Has the optimum balance of cost, benefit and risk been identified? If not, what trade-offs need to be made e.g.
foregoing some
of the benefits in order to keep costs within budget; taking carefully considered risks to achieve more substantial
benefits? ]
Affordability
This section provides an assessment of the affordability and available of funding and
links proposed expenditure to available budget and existing commitments.
[The content for this section should include: statement of available funding and broad estimates of the cost of proposals,
including any indirect costs (where applicable).
Questions to consider:
• Can the required resources be obtained to deliver the whole proposal?
• If not, can the scope be reduced or delivered in a different way?
• Could funding be sought from other sources? ]
Achievability
This section addresses the ‘achievability’ aspects of obtaining resources. Its primary
purpose is to set out the processes and actions which will be undertaken to support the
achievement of intended outcomes, including recruitment (where applicable) or
reorganisation/ reassignment of responsibilities if necessary.
[This section may include a high level plan for achieving the outcomes that illustrates the process; identifies key roles, with
designated individuals if appropriate, together with skills and experience required; outlines contingency plans for
addressing gaps in resources; identifies risks and plans for addressing them].
Questions to be addressed:
• Can the required resources be obtained through changes to the organisation’s existing resource and capacity?
• If not, how can the required capability be acquired?
•If resources are not available can the risks be managed?
• Does the scope or timescale need to change?
Constraints
[Summarise the main constraints, such as the willingness of senior management/ other stakeholders to engage with the
Information Governance agenda, the disability of staff to absorb fundamental change, the affordability of the proposals,
existing financial constraints, market availability of skills/ knowledge].
[Outline the internal and external factors upon which the successful outcomes of this business plan are dependent, such
as other projects and programmes already underway].
4. Strategic benefits
[Outline the high-level strategic and operational benefits such as improved compliance, reduction of risks, better
performance, staffing morale. Show how these benefits are linked to the organisations key objectives – e.g. service
delivery, performance.
5. Strategic risks
[Outline the main business risks such as lack of internal skills to implement Information Governance requirements,
external environmental risks such as data loss, loss of reputation, etc].
6. Critical success factors
[Define the critical success factors if this Business plan is agreed – what will constitute success? e.g. in preference to the
previous way of working. Determine how success will be measured e.g., percentage increase in IG compliance over
ensuing months, with milestones for improvement in key areas being achieved, fulfillment of additional IG projects or
tasks].