Information Governance


Clinical Informatics Research Group

Information is a vital asset to support the activities of the Clinical Informatics Research Group, both in terms of its research portfolio and its educational programme.  It is of paramount importance to ensure that healthcare data entrusted to the Research Group for the purposes of research and teaching is efficiently and securely managed, and that appropriate policies, procedures and management structures provide a robust governance framework for information management consistent with legal obligations, and national and professional guidelines.

The Research Group works within the research and Information Governance frameworks for health and social care in the United Kingdom and pfizer viagra 50 mg online is compliant with the University’s best practice standards. The University of Surrey is registered with the Information Commissioner’s Office Data Protection Register and is compliant with the Data Protection Act and other legislations.

The Clinical Informatics Research Group has continuously worked to adapt to the changing research environment to reflect innovations in technologies and developments in Information Governance standards.  In 2013, the Research Group reviewed its Information Governance policies and procedures against the criteria of the NHS Information Governance Toolkit Version 11, and the review was subsequently approved by the IG Subject Matter Expert, Information Governance, Health and Social Care Information Centre.  A number of new Departmental policies and procedures were approved by the Faculty as a result of this review.  The Research Group is currently reviewing its processes and policies with a view to meeting the standards set out in the Information Governance Toolkit Version 12.

IG Training

As part of our commitment to meet with the requirements of Information governance as set out in the Information Governance Toolkit,  all existing and buy generic viagra in canada new research staff members of the Department of Health Care Management & Policy are required to complete basic IG training in information governance.  The basic IG training aims to (a) to gain a good understanding of issues in Information Governance, and (b) enable us to work with patient level data securely from data collection through to data processing and analysis in and out of our team base.   

The training will be conducted on-line using Information Governance Toolkit e-learning website . The basic on-line training will take about 4-6 hours to complete, and it is also necessary to successfully complete an on-line assessment. (

Essential modules for all research staff of the Clinical Informatics Research Group: –

  • Information Governance: The Beginner’s Guide – an introductory level module that explains the importance of information governance to staff who do not generally require access to personal information.
  • Patient Confidentiality – a foundation level module aimed at all NHS staff to gain an understanding of patient confidentiality and the role of the Caldicott Guardian in the NHS.
  • Secure Transfers of Personal Data – a foundation level module that informs learners how to protect sensitive data from unauthorised access and accidental loss, damage or destruction during transfer and how to dispose of sensitive data when it is no longer needed.
  • Information Security Guidelines – an introductory module on keeping information secure in and out of the workplace.

It is recommended for all research staff who work with GP practices or hospital staff regularly as part of their role (e.g. data collector or researchers who conduct audits or interviews in clinical locations) should also complete the following as we have an educational role as experts in working with routinely collected clinical data:-

  • Introduction to IG for General Practice Staff – an introductory level module aimed at all general practice staff to inform them about good Information Governance
  • Secure Handling of Confidential Information – an Introductory Level e-learning module on the secure handling of confidential information.

University policies

Data Protection Policy

University of Surrey Information Security Policy

IT acceptable Use Policy

Information Commissioners Data Protection Register

Cyber Security Response Protocol

Staff Handbook

Research Data Management Policy 2014

Departmental policies and procedures

IG Improvement plan 2014

Review of IG Improvement plan 2013

Departmental Information Governance Policy 2015-2016

Departmental Mobile Computing Policy 2015-2016

SOP data access and data sharing 2015-2016

SOP for Data extraction and Data processing 2015-2016

System Level Security Policy 2015-2016

Risk Assessment of physical security report 2015-2016

Security desk, clear screen and propecia 5mg printing V1.1

HSCIC Guidance

What you should know about Information Governance