Information Governance Sample Clauses

Information Governance. 49.1 The Service Provider warrants and undertakes as follows: 49.1.1 the Service Provider shall in relation to this Agreement comply with the Data Protection Act 1998 (hereafter the "DPA"), the Privacy and Electronic Communications (EC Directive) Regulations 2003 (hereafter the "PECED") and all relevant, subordinate or successor legislation relating to each of them including, without limitation, the Eight Data Protection Principles set out in the DPA; 49.1.2 the Service Provider acknowledges that TfL will rely upon the Service Provider to enable TfL to comply with its obligations under the Freedom of Information Xxx 0000 (hereafter the "FOIA"), the Environmental Information Regulations 2004 (hereafter the "EIRs") and the Reuse of Public Sector Information Regulations 2005 (hereafter the "RPSI") in relation to the Services and this Agreement and that the processes and procedures set out in this Agreement with which the Service Provider is required to comply are important for the purposes of ensuring such compliance; 49.1.3 if there is dispute over what is required for compliance with the DPA and the other named Acts and Regulations, the Service Provider will comply with written instructions from TfL’s legal advisers, except where it is illegal for the Service Provider to do so; and 49.1.4 the Service Provider agrees to provide promptly all reasonable additional information and co-operate fully with any investigations by TfL in relation to complaints under the DPA, FOIA, EIRs, RPSI, PECED and Computer Xxxxxx Xxx 0000, including investigations relating to complaints by the Information Commissioner’s Office, the Information Tribunal and the Courts. 49.2 The Service Provider shall: 49.2.1 take and implement appropriate technical and organisational security measures, that are necessary or appropriate to ensure a level of security to preserve the security and confidentiality of any Personal Data collected and/or processed by it and are satisfactory to TfL from time to time, against unauthorised or unlawful Processing of TfL Personal Data and against accidental loss, destruction of, or damage to such Personal Data including but not limited to the Security Policy and the Security Plan and shall procure its Sub-Contractors to do the same; 49.2.2 without prejudice to Clause 49.2.1, wherever the Service Provider uses any mobile or portable device for the transmission or storage of TfL Personal Data, ensure that each such device encrypts TfL Personal Data; 49.2.3 provi...

Information Governance. The Parties acknowledge their respective obligations arising under FOIA, DPA and HRA, and under the common law duty of confidentiality, and must assist each other as necessary to enable each other to comply with these obligations. The Provider must complete and publish an annual information governance assessment using the NHS Information Governance Toolkit. The Provider must: nominate an Information Governance Lead, to be responsible for information governance and for providing the Provider’s Governing Body with regular reports on information governance matters, including details of all incidents of data loss and breach of confidence; nominate a Caldicott Guardian and Senior Information Risk Owner, each of whom must be a member of the Provider’s Governing Body; ensure that the Commissioner is kept informed at all times of the identities of the Information Governance Lead, Caldicott Guardian and the Senior Information Risk Owner. The Provider must adopt and implement the recommendations of the Caldicott Information Governance Review and the Response to Caldicott. The Provider must, at least once in each Contract Year, audit its practices against quality statements regarding data sharing set out in NICE Clinical Guideline 138. The Provider must achieve a minimum level 2 performance against all requirements in the relevant NHS Information Governance Toolkit. The Provider must report and publish any Data Breach and any Information Governance Breach in accordance with IG Guidance for Serious Incidents. The Provider acknowledges that the Commissioners are subject to the requirements of the FOIA. The Provider must assist and co-operate with each Commissioner to enable it to comply with its disclosure obligations under the FOIA. The Provider agrees: that this Contract and any other recorded information held by the Provider on a Commissioner’s behalf for the purposes of this Contract are subject to the obligations and commitments of the Commissioner under FOIA; that the decision on whether any exemption to the general obligations of public access to information applies to any request for information received under FOIA is a decision solely for the Commissioner to whom the request is addressed; that where the Provider receives a request for information under FOIA and the Provider itself is subject to FOIA, it will liaise with the relevant Commissioner as to the contents of any response before a response to a request is issued and will promptly (and in any event with...

Information Governance. 12.1 The Service Provider shall in connection with the provision of the Services and the performance of its obligations under the Contract comply with the DPA.

Information Governance. 7.1. Each party shall monitor the Personal Data to ensure that it is accurate and up to date and shall destroy any Personal Data that is inaccurate or out of date. 7.2. The parties shall promptly agree the following details to the extent that these are not covered in this agreement: 7.2.1. the prescribed format for datasets (to ensure that compatible datasets are used); 7.2.2. common rules for the retention and deletion of Personal Data; and 7.2.3. common technical and organisational security arrangements including for the transmission of the Personal Data. 7.3. The parties shall hold a six monthly review meeting (or such other frequency as may be agreed by the parties in writing) to review the ongoing effectiveness of the data sharing activities under this agreement and agree any appropriate changes to such activities or the agreement. 7.4. Where the Disclosing Party reasonably suspects that the Recipient is not in full compliance with its obligations under this agreement, the Disclosing Party may: 7.4.1 terminate this agreement with immediate effect; and/or

Information Governance. CONFIDENTIALLITY

Information Governance. ‌ 1.5.1 Information sharing can best achieve improvements in service delivery if the information conforms to certain standards to ensure that it is accurate, up-to-date, and correctly applied to the right person. The Parties have their own systems to monitor and check the quality of the information they hold, including information exchanged with the other Parties. Sharing only takes place where there is no doubt that the information relates to the right person. The Parties have mechanisms for informing the others in the event that information is found to be incorrect, out of date etc. 1.5.2 By law, neither the Board nor the Local Authorities are entitled to hold personal information for longer than is necessary. It is, however, not always easy to define how long it will be necessary to hold particular information, as circumstances may change and events may only come to light many years after they originally happened. The Parties will have their own policies on how long to keep different types of records (policies such as this are known as “retention schedules” as they describe how long to retain the different types of document or record). Shared information is covered by the retention schedule of the Party holding it subject to arrangements to ensure consistency of approach between the Parties on this. Before introducing new methods of processing or sharing personal data it is good practice to consider the benefits as well as the risks and potential negative effects for the individuals to whom the data relates. A Privacy Impact Assessment (PIA) is one method of doing this. This protocol commits each party to conducting such assessments in certain circumstances. More detail on this, as well as information standards and retention referred to above, can be found in section 5 below.

Information Governance. Data Management‌ This section analyses IG maturity models from the Data Management perspective. As described previously, IG is a multi-disciplinary field therefore the models analysed also represent disciplines that are considered relevant to IG.

Information Governance. 7.1 Each party shall monitor the Personal Data to ensure that it is accurate and up to date. 7.2 The parties shall promptly agree the prescribed format for datasets (to ensure that compatible datasets are used) to the extent that this is not covered in this agreement. 7.3 The parties shall hold a six (6) monthly review meeting (or such other frequency as may be agreed by the parties in writing) to review the ongoing effectiveness of the data sharing activities under this agreement and agree any appropriate changes to such activities or the agreement. 7.4 Where the Disclosing Party reasonably suspects that the Recipient is not in full compliance with its obligations under this agreement, the Disclosing Party may require the Recipient to attend a meeting between the parties at which the Recipient will be expected to present, and gain acceptance for, a plan to avoid repetition of the failure, which the Recipient shall promptly implement following such meeting. 7.5 The parties may include any additional Third Party Recipients within the scope of this agreement, or elect to exclude any Third Party Recipients from receiving any Personal Data, by prior written agreement.

Information Governance. An Information Sharing agreement has been shared with CCGs which has been discussed at the Lancashire and South Cumbria Primary Care Quality Forum and CCGs have been requested to sign up to this in 2016. Schedule 4 to the Delegation Agreement outlines further information sharing provisions and sets out the scope for the secure and confidential sharing of information between the parties on a need to know basis between individual personnel in order to enable the parties to exercise their primary medical care commissioning functions in accordance with the law.

Information Governance. Process & Procedure; Asset Management; Access Control & Security; Audit; Compliance; Continuity Management.