Skip to main content
Department of Health Department of Health An Roinn Sláinte Männystrie O Pouste

Main navigation

  • Home
  • Topics
  • Publications
  • Consultations
  • Contact

Translation help

Translate this page

Select a language

  • Arabic — عربي
  • Chinese (Simplified) — 中文简体
  • Chinese (Traditional) — 中文繁體
  • Dutch — Nederlands
  • Filipino — Filipino
  • French — Français
  • German — Deutsch
  • Hungarian — Magyar
  • Irish — Gaeilge
  • Italian — Italiano
  • Latvian — Latviešu
  • Lithuanian — Lietuvių kalba
  • Polish — Polski
  • Portuguese — Português
  • Romanian — Română
  • Russian — Русский
  • Slovak — Slovenčina
  • Spanish — Español
  • Ukrainian — Українська
  • GMGR - Resources and contacts to support improvement

    Topics:
    • Good management, good records, 
    • Records management processes

    Resources and contacts to support improvement for Good Management Good records.

    Department of Health Information Governance Toolkit

    The Information Governance Toolkit is an online system which allows NHS Organisations in England to assess themselves against Department of Health Information Governance policies and standards.

    It provides the means by which such organisations can assess their compliance with current legislation, Government policy and national guidance.

    Organisations may wish to follow the requirements of the toolkit

    Section 46 of the Freedom of Information Act 2000

    Requires the Lord Chancellor to issue a Code of Practice on the management of records.

    First published in November 2002, the code was revised and re-issued in July 2009.

    The code is in two parts:

    Part I sets out good practice in records management and applies to all public authorities covered by the Act, and also to bodies that are not FOI authorities but are bodies subject to the Public Records Act 1958 or the Public Records Act (Northern Ireland) 1923.

    Part II sets out how public records (records subject to the two Public Records Acts) are to be reviewed and transferred to The National Archives, the Public Record Office of Northern Ireland or another place of deposit for public records.

    To help public authorities comply with the Code of Practice, the National Archives has developed a series of implementation guides.

    These guides are for staff in public authorities who are responsible for records management and, in particular, for compliance with the records management Code issued under section 46 of the Freedom of Information Act.

    They provide an introduction to records management concepts, explain the good practice recommendations in the Code and give guidance on how to apply them within an organisation.

    They are aimed at people with little or no experience or knowledge of records management.

    There is a guide for each of the nine good practice recommendations in the Code and also an introductory guide.

    Four of the ten guides in the series have been issued:

    Public authorities are required under the Freedom of Information Act 2000 to comply with requests promptly and within no more than 20 working days.

    Whilst public authorities are not obliged to release information which would be routinely deleted within that 20 day period, Section 46 of the Code of Practice recommends that destruction is delayed until the information has been disclosed, or if not disclosed until the complaint and appeal provisions of the Freedom of Information Act are exhausted.

    If, for some reason, the public authority cannot delay the destruction, then under the duty to offer advice and assistance you should identify whether another authority holds the information and inform the applicant of this or, offer to provide similar or related information if this is appropriate.

    The National Archives: A Model Action Plan

    A Model Action Plan for Developing Records Management Compliance with the 2002 Lord Chancellor’s Code of Practice under Section 46 of the Freedom of Information Act 2000 can still be accessed for reference in the UK Government Web Archive

    The National Archives: Complying with the Records Management Code

    The National Archives: Complying with the Records Management Code: Evaluation Workbook and Methodology (March 2005) is an evaluation workbook intended to be used to assess compliance with Part 1 of the Lord Chancellor’s Code of Practice, issued under section 46 of the Freedom of Information Act 2000.

    The workbook can be used to assess records management practices across any type of organisation.

    e-Government Technical Standards

    There are a number of Government standards which aim to ensure the consistency of electronic information transferred between public organisations or made available to the public through means such as websites. e-GIF is mandatory for all public sector bodies, including the NHS.

    University of Edinburgh Records Management Section

    • Records management information from the University of Edinburgh

    Bristish Association for Sexual Health and HIV (BASSH)

    • Guidance on the Retention and Disposal of Hospital Notes

    The Medical Protection Society

    The Medical Protection Society has published guidance, Keeping Medical Records – A Complete Guide for Consultants

    The NHS Care Record Guarantee

    A document outlining the NHS commitment to respect patient rights, to protect patient confidentiality and to use patient information only for the purpose for which it was provided.

    Confidentiality and disclosure of information

    • General Medical Services (GMS) and Alternative Provider Medical Services (APMS) Code of Practice

    Information Commissioner

    • Use and disclosure of health data
    • CCTV Code of Practice

    Images from CCTV should not be retained for longer than necessary.

    This requires that organisations look at the purpose of recording the images.

    The Information Commissioner outlines several scenarios that may require different retention periods.

    The document also sets out standards for storage of CCTV images that need to be retained for evidential purposes and for the access and disclosure of images to third parties.

    Confidentiality

    • DoH Code of Practice on protecting the confidentiality of service user information

    The Privacy Advisory Committee in Northern Ireland

    The Privacy Advisory Committee in Northern Ireland can advise on some considerations about using patient information; but it has no statutory powers and so cannot give lawful authority to disclosures of identifiable information without consent.

    In the event of a complaint or challenge, its advice on best practice might play an important part in any assessment of the propriety of a disclosure.

    Guidance from the General Medical Council, the Medical Research Council, the British Medical Association and draft guidance from the office of the Information Commissioner reflect the evolving legal position and reinforce the requirement for consent.

    Data Protection

    • The Data Protection Act 2018

    Medicines and Healthcare Products Regulatory Agency

    • Management and Use of Point of Care Test Devices. MDA DB 2002(03), 2002

    Blood Safety and Quality Regulations

    • Directive 2002/98/EC of the European Parliament and Council of 27 January 2003

    Setting standards of quality and safety for the collection, testing, processing, storage and distribution of human blood and blood components.

    Useful contacts

    • Information and Records Management Society of Great Britain
    • Information Commissioner
    • Information Management Branch
    • Institute of Health Record and Information Management (IHRIM)
    • National Preservation Office
    • International Council on Archives
    • The National Archives
    • The Public Record Office of Northern Ireland

    Related content

    • Appraisal, closure, disposal and destroying of records
    • Disclosure of information and transfer of records to other organisations
    • DoH Business Areas - Privacy Notices
    • DoH Data Protection
    • DoH Data Protection policy statement
    • DoH FOI Policy Statement
    • DoH Freedom of Information
    • DoH Information Access
    • DoH Publication Scheme
    • DoH Significant FOI disclosures
    • Environmental Information Regulations
    • GMGR - ICT programme
    • GMGR file plan contents
    • GMGR file plans
    • Information held about me
    • Maintenance of GMGR records
    • Northern Ireland Adverse Incident Centre - Privacy Notice
    • Office of the Permanent Secretary/Private Office - Privacy Notice
    • Public Task Statement
    • Records management process advice
    Share this page Share on Facebook (external link opens in a new window / tab) Share on X (external link opens in a new window / tab) Share by email (external link opens in a new window / tab)

    Department footer links

    • Crown copyright
    • Terms and Conditions
    • Privacy
    • Cookies
    • Accessibility
    • The Northern Ireland Executive
    • The Executive Office
    • Department of Agriculture, Environment and Rural Affairs
    • Department for Communities
    • Department for Education
    • Department for the Economy
    • Department of Finance
    • Department for Infrastructure
    • Department for Health
    • Department of Justice
    • nidirect.gov.uk — the official government website for Northern Ireland citizens