Categories: The Latest in Health

What is Information Governance & Why Does it Matter?

In July 2015, the controversial infidelity dating website Ashley Madison suffered a serious data breach that resulted in the leaking of the details of its entire customer base. There were plenty of red faces for those exposed by the breach, but just as embarrassing was how obvious many of the passwords turned out to be.

One security analyst found that among the 4,000 passwords that were the easiest to crack, “123456” and “password” were the most commonly used passwords on the site. Due to a coding error, over 11 million passwords were eventually cracked. This is a serious problem regardless of any embarrassment as too many people use the same password across different websites. If hackers know your username and password for one site, it’s likely they’d be able to hack into other sites you might use. 

Individuals and organisations can guard against these problems and more by adhering to best practice in information governance. 

Information governance, information security and data protection often sit under ‘mandatory training’. Unfortunately, this is usually a byword for something you’ll only get around to when you’re sent the fifth and final reminder by the HR team. 

Yet if high profile cases such as Ashley Madison can teach us anything, it’s that information governance is increasingly important for our own security, our organisations and for patients. 

So What Is Information Governance?

Information governance refers to the management of information at an organisational level. It includes the following main items: 

  • Confidentiality
  • Data protection
  • Information recording
  • Sharing confidential information
  • Subject access requests
  • Freedom of information requests.

The Data Protection Act 1998 set out a standard to manage the processing of information which went beyond patient information to include data such as personnel information from organisations and suppliers. Although the focus has been on electronic information in recent years, the act also applies to all forms of media including images and any scribbled medical notes. 

In health care, the outcomes from the act include staff ensuring patient confidentiality and keeping accurate/ jargon free case notes.

By contrast, the Freedom of Information Act 2000 allows the public access to information held by public authorities. Public authorities include the police, healthcare organisations like the NHS and local authorities. The Act covers any recorded information that is held by a public authority in the UK (with slightly different laws for Scotland).

Information Governance statement of knowledge:

Think you know your information governance? Have a quick scan through the questions below and see how many statements you can honestly agree with: 

How did you do? If you already know your Caldicott principles, then well done! You’re probably in the minority of the general public however. 

Why Does Information Governance Matter?

On a personal level, ignoring information governance best practice could lead to embarrassment, or financial consequences as your could be shared by hackers across the world.

On an organisation level, the Information Commissioner’s Office (ICO) can audit for compliance of information governance procedures. Failure to adhere to a stringent procedure could impact your organisation’s reputation and recognition of ability.

Regardless of your organisation’s size, it is therefore important that all staff apply the principles of information governance in their role. This may be as complex as ensuring data encryption or as simple as ensuring that confidential work information is not discussed on social media. 

To search for up to date Elearning on Information Governance via the Skills Platform click here. 

This post was last modified on 29 March 2021


Recent Posts

Christmas Support Hours 2021

The Skills Platform will have limited support over the Christmas period. Please find details of available support below: Skills for… Read More

29 November 2021

The UK charity sector rises to the digital challenge amidst adversity and this momentum must continue

More than a year on from the start of the pandemic, charities have shown innovation and agility, adapting quickly to… Read More

13 July 2021

New 2021 Fire Legislation Marks Another Positive Step Since Grenfell

2021 marks the development of the Fire Safety Act and Building Safety Bill. The former has been approved by parliament… Read More

5 July 2021