Last updated: 
4 days 8 hours ago
Group Manager
New: Presentations from NHS-HE Forum on 11th June 2020; NHS-HE IG WG meeting 21st Oct 2020 NHS-Higher Education Connectivity Project: about NHS-HE Forum: about+archive, last meeting, next - 24th November 2020 Scotland NHS-HE Forum:archive, next - currently on hold NHS & eduroam, List of hospitals providing eduroam Govroam  - roaming federation for the public services NHS-HE Information Governance Working Group - particularly for those involved in applying for health data for research, especially where this involves an NHS Digital Data Security and Protection Toolkit submission Please join this group and comment, also the parallel NHS-HE Forum JISCMAIL group for email updates.

Group administrators:

Information Governance and the NHS

15 November 2013 at 12:35pm

The Information Governance arragements for the NHS adopt the same principles but are slightly different in approach between the NHS in England, Scotland, Wales and Northern Ireland.

In Scotland and Wales (and probably Northern Ireland) then for a University or other janet connected organisation to access services on the NHS networks in those countries then an application has to be made which is then considered by an appropriate officer or committee. The process in Scotland was described by Colin Howarth at the Scotland NHS-HE Forum in October 2012.

In England the process is managed by the Department of Health. Access to NHS systems on the N3 network requires the organisation to complete the Information Governance Statement of Compliance (IG SoC) which includes a self-assessment against the Information Governance Toolkit (IGT) using an appropriate "organisation type view". The requirements are available on the website as are the reports of those organisations who have completed the IGT.

In addition to the IGT being required as part of the IG SoC for access to NHS systems in England, in 2012 a change was announced to the way that the Department of Health would review s251 applications for NHS data - i.e. NHS data that can be used for clinical research without express individual patient consent. The review team would no longer accept System Level Security Policies to be individually assessed but would instead look for assurance via the Information Governance Toolkit. The announcement is here from the National Information Governance Board for Health and Social Care (although this role has now been taken over by the Health Research Authority).

There is now a rapidly increasing list of research or University groups achieving IGT accreditation.

Related Information: