IG growing as an unfortunate cause for concern?
Posted On 2011-10-27 16:36:32 By Steve BoxAfter a recent media story involving the ICO calling NHS data security breaches ‘just plain daft’ it has become clear that there desire to audit NHS organisations is being taken seriously by MPs: Article Link.
What’s interesting is whether organisations will have stepped away from the toolkit and carried out audits of clinical and non-clinical functions? This is where real understanding can be taken and used as the means to drive change so that Information Governance is implemented. The lack of implementation is most likely the reason that these incidents are occurring in the first place. It’s not just the audit itself that is effective; it is the questions within it that automatically raise awareness.
As well as audits organisations should also be testing there processes – so, for example, is asset management as effective as the process says it should be? What assurances are there that equipment is safe and locatable?
I think it’s positive that the ICO are taking steps to have such rights. If they are granted the right to investigate NHS organisations I would be interested to understand those organisations reactions and to know if Caldicott Guardians refocus there energy on governance.
One thing is for sure, if they haven’t self-audited and/or tested processes, they’ll need to refocus - and quickly.