Information Governance and Assurance
About work area
The Information Governance and Assurance team provides both oversight and national direction to Health and Care organisations in Scotland on information governance (IG) and assurance matters.
Our goal is to ensure Health and Care in Scotland has mature IG processes in place to enable data-driven and digital-driven innovations across health and care in a transparent, fair, consistent and secure way.
The refreshed DH&C Strategy vision is : ‘To improve the care and wellbeing of people in Scotland by making best use of digital technologies in the design and delivery of services.
As part of that strategy, and the new Data Strategy for Health and Social Care, we are developing the National IG Programme for Health and Care; a strategic and holistic IG approach to enable end-to-end information across health and care in a resilient and secure digital environment. This is an innovative programme of work to improve information governance and security across health and care in Scotland, including empowering people, streamlining processes, and ensuring we have the right tools in place for a diversity of information governance and security tasks you may require.
We also provide support to other teams across the Scottish Government and provide national policies, guidance, and tool kits for everyone to use, particularly wherever health and care data and digital systems are in the mix. We work closely with colleagues in the Scottish Government Digital Directorate, the Data Protection team, and the Chief Data Officer.
What the area does
Our team works on the following:
- Provision of advice to the Scottish Ministers, policy leaders, health boards and stakeholders, in areas of data and digital governance within the health and care sector including privacy, data protection, records management, information assurance, and the management of information and privacy risks.
- Support to the development of digital solutions for the health sector ensuring all privacy, quality and security elements are considered and set out in Data Protection and other risk assessments and Privacy Notices. The Protect Scot app and Covid Status app are good examples of this type of work.
- Support in writing of guidance for health professionals to conduct work in a safe and supported manner, for example Speech and Language therapists’ guidance for working in Covid environments.
- Leading on national IG policies and the development of the IG strategic direction for health and care in Scotland through the 2021 Digital Health and Care Strategy and the Data Strategy for Health and Social Care. Supporting research and innovation and wider public sector initiatives through steering groups and Boards
- Lead on the National IG Programme for Health and care
Examples of work done
The Covid Status app (vaccination certification/passports) was developed very rapidly to support the ability of people to travel internationally. It also allowed them access to domestic venues as the government Covid policy changed to match the risk of each Covid variant. This effectively become the first national route where the public could access their vaccination health record information digitally.
We recognised that not all people will use the app and a non-digital route has also been developed with the same IG considerations.
This work continues as we support the vaccination booster programme, the vaccinations of 12 – 15-year-old people, and the vaccination of the youngest grouping of 5 -11 years old. We have worked to ensure that they can access their health vaccination record whilst also ensuring the most appropriate level of security is designed and incorporated into the programme.