Information Governance and Assurance

Our team works on the following:

• Provision of advice to Scottish Ministers, policy leaders, health boards and stakeholders, in areas of data and digital governance within the health and care sector, including privacy, data protection, records management, information assurance, and the management of information and privacy risks.
• Support to the development of digital solutions for the health sector ensuring all privacy, quality and security elements are considered and set out in Data Protection and other risk assessments and Privacy Notices. The Protect Scot app and Covid Status app are good examples of this type of work.
• Support in writing guidance for health professionals to conduct work in a safe and supported manner, for example Speech and Language therapists’ guidance for working in Covid environments.
• Leading on national IG policies and the development of the IG strategic direction for health and care in Scotland through the 2021 Digital Health and Care Strategy and the Data Strategy for Health and Social Care.
• Supporting research and innovation and wider public sector initiatives through steering groups and Boards.
• Lead on the National IG Plan for health and social care.

We established the NIGP as a response to the ambitions of the Digital Health and Care Strategy, the Data Strategy for Health and Social Care, and the recommendations to improve Information Governance set out in the National IG Review.

The NIGP aims to provide:

• a more balanced, federated IG model that will support a more efficient way of making decisions and managing data and digital across all health and social care in Scotland
• a strong commitment to continually maturing IG across the health and social care ecosystem
• empowered people, prepared for their roles (both citizens and those who work with data and digital technologies)
• the right tools for IG tasks
• enhanced transparency of how data and digital is used across health and social care and of how decisions concerning data are made
• transformative, participatory public engagement

Health and social care services use data and digital technologies to provide better services and, ultimately, improved outcomes for people.

Information Governance (IG) is about the way decisions are made over the data and digital technologies used across health and social care, and about how these technologies are managed. Information (data) and digital systems are used everywhere across health and care services, from the computers used by your GP to websites used for booking appointments, and many other applications. And, of course, it is created through the use of written paper records.

For example, if you catch flu and see your doctor, your doctor will record that information. When dealing with your information, professionals have to decide how that data is handled, if it is accurate, if it can be shared, and so on. Sometimes data, used safely and effectively, can be for the benefit of the individual, and sometimes it can be for the benefit of Scotland’s population as a whole. IG enables both of those things to happen within set boundaries, so that your data can be managed in the best and safest way possible.

How your information is stored, how different health and social care workers share information, how they can collaborate, how the quality of the health and social care service you receive is monitored and improved, how research can be carried out, how innovation can be brought to Scotland’s people – all of these things are examples of ways in which IG enables secure and valuable work.

As with everything Health and Social Care does, IG is fundamentally about guiding ways to improve outcomes for people when they use a public service.