Department of Health Information Governance Toolkit
The Information Governance Toolkit is an online system which allows NHS Organisations in England to assess themselves against Department of Health Information Governance policies and standards.
It provides the means by which such organisations can assess their compliance with current legislation, Government policy and national guidance.
Organisations may wish to follow the requirements of the toolkit
Section 46 of the Freedom of Information Act 2000
Requires the Lord Chancellor to issue a Code of Practice on the management of records.
First published in November 2002, the code was revised and re-issued in July 2009.
The code is in two parts:
Part I sets out good practice in records management and applies to all public authorities covered by the Act, and also to bodies that are not FOI authorities but are bodies subject to the Public Records Act 1958 or the Public Records Act (Northern Ireland) 1923.
Part II sets out how public records (records subject to the two Public Records Acts) are to be reviewed and transferred to The National Archives, the Public Record Office of Northern Ireland or another place of deposit for public records.
To help public authorities comply with the Code of Practice, the National Archives has developed a series of implementation guides.
These guides are for staff in public authorities who are responsible for records management and, in particular, for compliance with the records management Code issued under section 46 of the Freedom of Information Act.
They provide an introduction to records management concepts, explain the good practice recommendations in the Code and give guidance on how to apply them within an organisation.
They are aimed at people with little or no experience or knowledge of records management.
There is a guide for each of the nine good practice recommendations in the Code and also an introductory guide.
Four of the ten guides in the series have been issued:
Public authorities are required under the Freedom of Information Act 2000 to comply with requests promptly and within no more than 20 working days.
Whilst public authorities are not obliged to release information which would be routinely deleted within that 20 day period, Section 46 of the Code of Practice recommends that destruction is delayed until the information has been disclosed, or if not disclosed until the complaint and appeal provisions of the Freedom of Information Act are exhausted.
If, for some reason, the public authority cannot delay the destruction, then under the duty to offer advice and assistance you should identify whether another authority holds the information and inform the applicant of this or, offer to provide similar or related information if this is appropriate.
The National Archives: A Model Action Plan
A Model Action Plan for Developing Records Management Compliance with the 2002 Lord Chancellor’s Code of Practice under Section 46 of the Freedom of Information Act 2000 can still be accessed for reference in the UK Government Web Archive
The National Archives: Complying with the Records Management Code
The National Archives: Complying with the Records Management Code: Evaluation Workbook and Methodology (March 2005) is an evaluation workbook intended to be used to assess compliance with Part 1 of the Lord Chancellor’s Code of Practice, issued under section 46 of the Freedom of Information Act 2000.
The workbook can be used to assess records management practices across any type of organisation.
e-Government Technical Standards
There are a number of Government standards which aim to ensure the consistency of electronic information transferred between public organisations or made available to the public through means such as websites. e-GIF is mandatory for all public sector bodies, including the NHS.
University of Edinburgh Records Management Section
Bristish Association for Sexual Health and HIV (BASSH)
The Medical Protection Society
The Medical Protection Society has published guidance, Keeping Medical Records – A Complete Guide for Consultants
The NHS Care Record Guarantee
A document outlining the NHS commitment to respect patient rights, to protect patient confidentiality and to use patient information only for the purpose for which it was provided.
Confidentiality and disclosure of information
Information Commissioner
Images from CCTV should not be retained for longer than necessary.
This requires that organisations look at the purpose of recording the images.
The Information Commissioner outlines several scenarios that may require different retention periods.
The document also sets out standards for storage of CCTV images that need to be retained for evidential purposes and for the access and disclosure of images to third parties.
Confidentiality
The Privacy Advisory Committee in Northern Ireland
The Privacy Advisory Committee in Northern Ireland can advise on some considerations about using patient information; but it has no statutory powers and so cannot give lawful authority to disclosures of identifiable information without consent.
In the event of a complaint or challenge, its advice on best practice might play an important part in any assessment of the propriety of a disclosure.
Guidance from the General Medical Council, the Medical Research Council, the British Medical Association and draft guidance from the office of the Information Commissioner reflect the evolving legal position and reinforce the requirement for consent.
Data Protection
Medicines and Healthcare Products Regulatory Agency
Blood Safety and Quality Regulations
Setting standards of quality and safety for the collection, testing, processing, storage and distribution of human blood and blood components.
Useful contacts
- Information and Records Management Society of Great Britain
- Information Commissioner
- Information Management Branch
- Institute of Health Record and Information Management (IHRIM)
- National Preservation Office
- International Council on Archives
- The National Archives
- The Public Record Office of Northern Ireland