Why is information governance important in healthcare

Information Governance (IG) is about how to manage and share information or data appropriately. This includes information about patients collected digitally.

Índice Show

Why is understanding IG important?
Basic Principles
Where can I go for more information?

This includes understanding how to treat information about patients, and if and when you should share that information with others who are involved in that care.
It also relates to the use of data for other purposes such as research or evaluating the quality of care.

Why is understanding IG important?

In the UK the main legislation related to IG is the EU General Data Protection Regulation (GDPR) and the UK Data protection Act 2018. It is important that you understand the general principles for data protection in your work. Patients, their families and you (as employees) expect data about them (often known as personal information) or information that could mean that they could be identified (known as sensitive information) is managed and used appropriately.

The laws surrounding IG can be complex, and it can sometimes be difficult to identify if you should be sharing patient information with others (either individuals or organisations).

Basic Principles

Information should be:

used fairly, lawfully and transparently
used for specified, explicit purposes
used in a way that is adequate, relevant and limited to only what is necessary
accurate and where necessary kept up to date
kept for no longer than is necessary
handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, loss, destruction or damage.

Where can I go for more information?

NHSX has an Information Governance portal which brings together national guidance on IG – to give you clear and consistent guidance on what to do in different situations, if you work in health and care organisations.

1. Asadi F, Rouzbahani F, Rabiei R, Moghaddasi H, Emami H. Information Governance Program: A Review of Applications in Healthcare. Archives of Advanced in Bioscience. 2019 Mar 18;10(1):47–55. [Google Scholar]

2. Novak S, Djordjevic N. Information system for evaluation of healthcare expenditure and health monitoring. Physica A: Statistical Mechanics and its Applications. 2019. - .80 520072.

3. Samadbeik M, Garavand A, Saremian M, Baraei Z, Adeli M. Readiness of Patients with Chronic Diseases to Use Health Information Technology: An Experience of a Developing Country. Shiraz E-Medical Journal. 2018 Oct;19:10. [Google Scholar]

4. Zaka N, Alexander EC, Manikam L, et al. Quality improvement initiatives for hospitalised small and sick newborns in low-and middle-income countries: a systematic review. Implementation Science. 2018;13(1):20. [PMC free article] [PubMed] [Google Scholar]

5. Latifi M, Tehrani HG, Karami NA, et al. Using information sources by breast cancer women treated with mastectomy. Journal of Education and Health Promotion. 2019;8(1):68. [PMC free article] [PubMed] [Google Scholar]

6. Dong L, Keshavjee K. Why is information governance important for electronic healthcare systems? A Canadian experience. Journal of Advances in Humanities and Social Sciences. 2016;2(5):- .260 250. [Google Scholar]

7. Moghaddasi H, Asadi F, Hosseini A, Ebnehoseini Z. E-health: a global approach with extensive semantic variation. Journal of medical systems. 2012 Oct 1;36(5):3173–6. [PubMed] [Google Scholar]

8. AHIMA. Information governance principles for healthcare (IGPHC)™ 2014[cited 20 2014Dec]. Available from: http://www.ahima.org/~/media/AHIMA/Files/ HIM-Trends/IG_Principles.ashx.

9. Moghaddasi H, Hosseini A, Asadi F, Esmaeili M. Problems of health insurance systems and the need for implementation of a reform approach. Journal of Health Administration (JHA). 2011;14(44) [Google Scholar]

10. Shah T, Wilson L, Booth N, et al. Information-sharing in health and social care: Lessons from a socio-technical initiative. Public Money & Management. - .5 201901.

11. NHS DoH. NHS Connecting for Health(CFH(.Information governance toolkit derivations and support for standards) 2015[ 8Jun]. Available from: http://systems.hscic.gov.uk/infogov/ links/v5derivations.pdf.

12. NHS DoH. NHS Connecting for health information governance assurance framework: information governance assurance framework strategy September 2012[cited 2015Jun 29]. Available from: https://nww.igt.connectingforhealth.nhs.uk.

13. Willison DJ, Trowbridge J, Greiver M, et al. Participatory governance over research in an academic research network: the case of Diabetes Action Canada. BMJ open. 2019;9(4) e .026828. [PMC free article] [PubMed] [Google Scholar]

14. Kloss L. USA: AHIMA Press; 2014. Implementing Health Information Governance 0Lessons from the Field. [Google Scholar]

15. HIQA. International review of information governance structures. 2009.. Available from: http://hiqa.ie/system/files/Information_Governance_StructuresInternational_Review.pdf. Accessed Mar .312015.

16. Canadian RIM. 2016. An ARMA Canada Publication Spring.

17. Rabiei R., asadi F., Moghaddasi H., Rouzbahani F., Rahimi F. Health information governance Program: A Review on Component &Principes. Crescent Journal of Medical and Biological. 2019;6(4) [Google Scholar]

18. HIQA. International Review of Health Information Governance. 2011.

19. Rabiei R, Rouzbahani F, Asadi F, Moghaddasi H, Emami H, Rahimi F. Health Information Governance Program: A Review on Components and Principles. Crescent Journal of Medical and Biological Sciences. 2019;6(4) in press. [Google Scholar]

20. NHS DoH. Information Governance Toolkit. 2017. [cited 20 2017May ]. Available from: https://www.igt.hscic.gov.uk/RequirementQuestionNew.aspx?tk=428793554327591&lnv=2&cb=bc152ba5-f42-058af-a90a-2cedd603cc78&sViewOrgType= 24&reqid=2820&first=true.

21. Winter JS, Davidson E. Governance of artificial intelligence and personal health information. Digital Policy, Regulation and Governance. 2019.

22. Ford E, Boyd A, Bowles JK, et al. Our data, our society, our health: A vision for inclusive and transparent health data science in the United Kingdom and beyond. Learning Health Systems. 2019. p. e.10191. [PMC free article] [PubMed]

Page 2

Components and sub-components of the proposed model.

Components	Sub-components
Rules and regulations	Information and data confidentiality rules, data security rules, information and cyberspace, information management rules
Policies	Information and data confidentiality policy, data and information security policy, information and documents management policy
Standards	Health IG management standard, information and data confidentiality standard, data, and information security standard, information, and documents management standard, data and information quality control standard
Information management	Information design, creation, and gain, information analysis, information access and application, information dissemination, information storage, information disposal, information quality management, coding based on international coding books such as ICD (International Classification of Diseases)
Documents management	Documents design, creation, access, and application of documents, documents dissemination, documents storage, documents disposal, documents quality management
Data Governance	Definition of data elements, determination of data structure and architecture, data modeling, improvement of clinical documentation, data quality control and management, big data management, metadata management, data dictionary management
Information technology (IT) Management	Alignment of IT strategies with organization strategies, IT processes management and direction, development of an integrated approach to the selection, evaluation, and use of IT, application of technologies to manage and control information and documents, IT resources management such as information systems, hardware and software, network and database communications, financial and human resources, and data and information
IT Governance	IT processes management and direction, development of an integrated approach to the selection, evaluation, and use of IT, application of technologies to manage and control information and documents, monitoring IT resources such as information systems, hardware and software, network and database communications, financial and human resources, and data and information
Risk Management	Identification of the events threatening data, information and cyberspace, prevention and control of unwanted events such as distortion, data and information theft, and violation of the security and privacy of data, information, and cyberspace, analysis and evaluation of threats and damages, risk management through setting and enforcing data and information access and protection policies, development and implementation of post-disaster data recovery programs
Change Management	Planning for development of new structures, processes, and technologies, implementation of changes or reforms, occupational development and enrichment, change control,evaluation and fixation
Compliance Management	Identification of internal and external laws, policies and standards, compliance with internal and external laws, regulations and standards, responding to legal requests, evaluations, and audits
Human Resource Management	Identification, selection, and recruitment of employees, job design and analysis and assignment of roles and responsibilities, staff training and justification, compensation management,performance evaluation
Program monitoring and auditing	Definition and formulation of necessary criteria, criteria-based evaluation at specified intervals, provision of feedback for decision-making and program improvement