Training
Information Governance (IG) training is a mandatory requirement for all staff and must be completed each year.
Mandatory training is available through Electronic Staff Record linked e-learning.
New starters must complete the Introduction to Information Governance within 3 months of starting work. The Information Governance Refresher Module may be completed annually after that.
1
Mahwish Noor, Information Governance Manager and Data Protection Officer
2 Describe your role in one sentence
As a Data Protection Lead, I protect personal and sensitive information relating to patient and employees and provide a framework to ensure personal information is dealt with legally, securely, efficiently and effectively, in order to deliver best possible care.
Tell us about a project you’re working on and how does it / will it benefit patients?
I am working on various projects on a daily basis. One of the projects is called Health Information Exchange (HIE). HIE is an electronic, real-time, shared record view of a resident’s key health and care information – right now
It allows doctors, nurses, pharmacists and other
health care providers within NCL STP to appropriately access and securely share a service user’s vital medical information electronically—improving the speed, quality, safety and cost of care.
From information governance perspective, we have setup a data sharing agreement with all the organisations to allow sharing of information lawfully as part of direct care but also to respect any opts out raised by services users.
Is there anything you’d like your colleagues to do as a result of reading this that would help you with your project?
If you are procuring or setting up a new project which involves personal data processing, please email me at first instance. One of the requirements for such projects is for the staff to complete a Data Protection Impact Assessment (DPIA) which allows the project team and
IG Team to identify any risk associated with processing the personal data as well as managing these risks with mitigating actions.
The DPIA template is available on the intranet here.
Second ask is, please complete your mandatory Data Security training so that you are compliant with the Data security standards. Failure to complete the training can
Name and job title
lead to fines and complaints raised by the Independent Supervisory authority called Information Commissioner Officer (ICO).
5 What three words would you use to describe our single organisation?
Hectic, Fun and helpful (staff)
6 What do you like most about your role / working here, and what do you find most challenging?
I love working as an Information Governance Manager and leading on various projects project to ensure they are compliant with GDPR and Data Protection Act 2018. I also enjoy working with my team and support received by Senior Management around importance of keeping confidential data secure.
A challenging aspect of my job is receiving documentations and approving projects within a day. If enough notice is provided and IG is involved at the start of the project, the issue of IG blocking the work would be less. So the message is, involve IG from the start of the project! Also, another challenge is chasing staff to complete their data security training.
The NHS Long Term Plan will make sure the NHS has a bright future ahead of it. Regarding technology / IT, how do you think the NHS will change over the next 10 years?
Technology will be enhanced and more toward agile working.
8 Do you have a personal NHS story you’d like to share?
Every time I have visited my local hospital for a test or any sort of procedure, they have been great. I really appreciate the support provided by NHS Staff. I always question them regarding the data since being an Information Governance Manager.
9 What would your colleagues be surprised to discover about you?
I love cleaning a lot like Mrs Hinch style and have loads of products at home.
3
7
4