Template: Information Sharing Protocol



Inter-Agency Information Sharing Protocol

Local Intelligence Network

Document Control

|Author | |

|Contributors | |

|Version | |

|Date of Production | |

|Review Date | |

|Responsibility for Review | |

|Primary Circulation List | |

|Sign Off | |

| | |

| | |

Document History

|Date |Version |Comments |

|Nov 17 |1 | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

Glossary

o Information Sharing Protocol – an agreement between the organisations represented on the LIN to facilitate, manage and govern the effective, secure and timely sharing of good quality information.

o Accountable Officer (AO) – an Accountable Officer is tasked to take overall responsibility for the safe management and use of controlled drugs in their organisation and must be a fit, proper and suitably experienced person.

o Local Intelligence Network (LIN) - Under legislation there is a direction to establish the LIN. The AO nominated or appointed by the Regional Board, shall establish and operate a local intelligence network. The core purpose of the LIN is the sharing of information to support the governance of CDs.

o Chair of the LIN – this is the HSCB’s Accountable Officer

o Non Departmental Arm’s Length Bodies – this term is interchangeable with Non-Governmental Public Bodies (NDPBs). An NDPB is a national or regional public body, working independently of, but still accountable to ministers.

o Designated Body – is defined as:

o the Regional Health and Social Care Board

o all Health and Social Care Trusts

o a Relevant Independent Hospital

o the headquarters in Northern Ireland of regular or reserve forces

o Responsible Body - Responsible bodies (other than Designated Bodies) are those which have a distinct regulatory function. As such they do not have Accountable Officers and their perspective on governance in respect of CDs is distinct from the Accountable Officer perspective.

The Responsible Bodies are defined as:

o a Designated Body;

o the Department of Health (DoH);

o Regulation and Quality Improvement Agency(RQIA);

o Regional Business Services Organisation (RBSO);

o the Police Service of Northern Ireland (PSNI);

o a Regulatory Body.

o Regulatory Body – means :

o (i) a body referred to in section 25(3) of the National Health Service Reform and Health Care Professions Act 2002 (b) (the Professional Standards Authority for the Health and Social Care (c)); and

o (ii) the Northern Ireland Social Care Council (d);

o Relevant Person – these individuals are:

o A health professional who provides health care services to private patients other than at or from a relevant independent hospital, where doing so involves or may involve that health care professional in the supply or administration of controlled drugs

o An individual not being a health care professional who is engaged in any activity carried on with or on behalf of a health care professional that involves or may involve that individual in the supply or administration of controlled drugs

o An individual who:

▪ Is registered under Part III of the 2003 Order as the manager of, or the person who is carrying on, a residential care home, a nursing home or a domiciliary care agency which involves that individual in the supply or administration of controlled drugs or

▪ Not being the registered person is or may be engaged in the supply or administration of controlled drugs which are carried on with or on behalf of that registered person

o Controlled Drugs (CDs) - Some prescription medicines are controlled under the Misuse of Drugs legislation (and subsequent amendments). These medicines are called controlled medicines or controlled drugs.

o LIN Database - Bespoke database for sharing information among Accountable Officers

References

o Controlled Drugs (Supervision of Management and Use) Regulations (Northern Ireland) 2009

o Controlled Drugs (Supervision of the Management and Use) (Amendment) Regulations (Northern Ireland) 2015

o The Data Protection Act 1998

o The Human Rights Act 1998

o Common Law Duty of Confidentiality

o Freedom of Information Act 2000 (public sector bodies)

o Environmental Information Regulations 2004 (public sector bodies)

o Access to Health Records (Northern Ireland) Order 1993

o Controlled Drugs Local Intelligence Network (LIN) Guidelines for Disclosing Identifying Details of a Relevant Person

o Managing and Sharing Concerns Document

Contents

1. Purpose of this information Sharing protocol

2. Policy Context

3. Parties to the Agreement

4. Information Sharing Requirements

5. Purposes for Sharing Information

6. Arrangements for Sharing Information

7. Basic Information Security Requirements

8. Legislative Context

9. Key Principles and Duties

10. Roles and Statutory Responsibilities of the Accountable Officer (as defined by Regulation)

11. Supporting Documents and Policies

12. Governance, Monitoring and Review

13 Freedom of Information

14 Data Protection (Section 7 – Right of Access to Personal Information)

15. Records Retention and Disposal Schedule

16. Conclusion

Document Scope

Regulation 18(2) of the Controlled Drugs (Supervision of Management and Use) Regulations (Northern Ireland) 2009 (“The Regulations”) establishes a Local Intelligence Network (LIN), and Regulation 18(1) requires that ‘An accountable officer shall establish and operate, or ensure that his designated body establishes and operates, appropriate arrangements for ensuring the proper sharing of information’ and should also be considered in conjunction with the Controlled Drugs (Supervision of the Management and Use) (Amendment) Regulations (Northern Ireland) 2015 (“The Amended Regulations”).This Information Sharing Protocol has been developed to operationally manage the proper sharing of information between the members of the LIN.

The sharing of information between members of the LIN is primarily governed and described by Regulation 17*, 25, 26 and 29, with restrictions to the uses that information can be put, described at Regulation 27. In addition, these Regulations make provision for ensuring effective Records Management processes are embedded within any sharing protocol and these are described at Regulation 28.

(* regulation 17 is restricted to designated bodies)

1. Purpose of the Sharing Agreement

This Information Sharing Protocol (ISP) is not a legally binding document, rather it aims to provide the basis for an arrangement between the organisations represented on the Local Intelligence Network (LIN) to facilitate and manage the effective, secure and timely sharing of good quality information in a consistent manner with adequate safeguards in place. It sets out:

• The purpose of information sharing.

• The principles underpinning information sharing.

• The responsibilities and commitments of partners to this protocol

• Basic prerequisites required to meet Information Governance requirements by members.

It is not intended that this document be definitive or exhaustive, rather it is recognised that as policy develops and implementation arrangements mature, this ISP will need to be reviewed and amended in light of new information sharing requirements to ensure that it is ‘fit for purpose’ and complies with all applicable Legislation[1].

As this protocol aims to establish principles for information sharing within the context of a Local Intelligence Network (LIN) which partners are invited to sign up to, its purpose is to provide consistency of approach to data sharing across bodies who contribute to and who participate in the LIN. This document and the associated supporting documents listed at Part 11 are designed to aid all Accountable Officers within their respective organisations to meet the requirements of their role.

2. Policy Context

Section 18 of The Health Act 2006 and Regulation 24 of the Regulations obliges local organisations to collaborate and to share information, within certain constraints, relating to the management and use of controlled drugs.

The Regulations (and the Amendment Regulations (Northern Ireland) (2015) facilitate this statutory obligation and are as a direct consequence of the findings of the Shipman Inquiry. The aim of these regulations is to strengthen the governance arrangements around the use, supervision and management of controlled drugs.

This obligation is facilitated operationally through the establishment of a Local Intelligence Network (LIN) the work of which is governed by The Regulations (and the Amendment Regulations The LIN is hosted by the Health and Social Care Board (HSCB), to which information and concerns can be provided and channelled by its members, and through which information can be shared with other bodies and acted upon in the Public Interest and on occasion in the best interests of the ‘Relevant Person’ (see part 4 definition). Responsible bodies may also share information between themselves (Reg 25(1)) within the parameters set by the Regulations mentioned above.

This Information Sharing Protocol (ISP) has been requested by the Chair of the LIN to establish and enable proportionate, appropriate and timely sharing of information, including personal information relating to a ‘Relevant Person’, and when necessary, Patients/Service Users.

The protocol is intended to reinforce a consistent approach to data sharing and working practices across both the Public Sector and non-public sector participants and it defines at Part 4, the information which might be transferred between the organisations listed at Appendix 1.

In order for the LIN to be effective it is essential that all Responsible Bodies engaged in its development, implementation and operation are committed to sharing good quality information in a timely, responsible and secure way. To achieve this all members should familiarise themselves with the governing legislation which supports and requires its activities. As such Accountable Officers are expected to operate corporately for their respective organisations.

Controlled Drugs are essential to modern clinical care and as such, it is essential that the Health and Social Care sector in Northern Ireland enforces robust arrangements for the management and use of CDs to minimise patient harm, misuse and criminality. It is also critical that the public sector and non-public sector bodies in collaboration to address areas which do not meet the high standards expected of our employees or members, to ensure the resident population of Northern Ireland consistently receive the highest standard of care.

3. Parties to the Agreement

A list of those organisations represented on the Local Intelligence Network is included at Appendix 1. This is not exhaustive and as the work of the LIN matures and/or legislation changes, it may be necessary to include additional bodies who may contribute to the LIN or who may work collaboratively with the LIN on matters relating to the supervision and management of Controlled Drugs.

A list of designated bodies can be found at Regulation 3 of The Regulations (updated by the Amendment Regulations

(a) the Regional Health and Social Care Board

(b) all Health and Social Care Trusts

(d) a relevant independent hospital

(e) the headquarters in Northern Ireland of regular or reserve forces

A list of responsible bodies can be found at Regulation 22 of The Regulations and comprise;

(a) All designated bodies set out above

(b) The Department of Health

(c) Regulation and Quality Improvement Agency

(d) Business Services Organisation

(e) Police Service of Northern Ireland

(f) Regulatory Bodies

Note, the definition of regulatory bodies was updated by the Amendment Regulations

4. Information Sharing Requirements

Regulation 25 of The Regulations “permits the sharing of information” by responsible bodies.

Regulation 25 (1) states that ‘A responsible body may disclose to any other responsible body any information in its possession or control which it reasonably considers it should share with that body for the purposes of—

(a) identifying cases in which action may need to be taken in respect of matters arising in relation to the management or use of controlled drugs by a relevant person;

(b) the consideration of issues relating to the taking of action in respect of such matters;

(c) the taking of action in respect of such matters.’

In addition to the quarterly occurrence report (defined in Regulation 29) provided to the LIN Chair, if the responsible body has determined that the LIN should be provided with information relating to the Relevant Person, the responsible body LIN representative shall provide the Chair of the LIN with the following information;

• Full name

• Profession

• Professional Registration Number (if applicable)

• National Insurance Number

• Controlled Drugs at centre of concern

• Employer(s) (to include both the main employer and any other organisation where the relevant person is employed if known to the reporting body

When a decision has been reached to share identifying information about the relevant person with the Chair of the LIN, the Accountable Officer sharing the information should document that decision making process and also establish at what point they might inform the relevant person that their identifying details are being passed to the LIN, and that further dissemination of the information amongst interested parties may occur. Officers and their responsible body may refer to the supporting document ‘Regional Controlled Drugs Local Intelligence Network (LIN) Guidelines for Disclosing Identifying Details of a Relevant Person’ which provides some useful detail in this respect.

Additional information sought under Regulation 26, will be characterised by the specifics of the matter under consideration.

‘Relevant person’ is defined in Section 19 of ‘The Health Act 2006’ as any person ‘carrying on, or engaged in, activities that involve, or may involve, the supply or administration of controlled drugs’. That individual may be ‘a health care professional, or an employee who is not a health care professional, or otherwise, is engaged in any activity carried on by a designated body, or by a body or person acting on behalf of, or providing services under arrangements made with, a designated body that involves, or may involve, the management or use of controlled drugs’

A ‘relevant person’ is further defined by Regulation 23 of ‘The Regulations, as;

(a) a health care professional who provides health care services to private patients other than at or from a relevant independent hospital, where doing so involves or may involve that health care professional in the supply or administration of controlled drugs

(b) an individual, not being a health care professional, who is engaged in any activity carried on with or on behalf of a health care professional as mentioned in paragraph (a) that involves or may involve that individual in the supply or administration of controlled drugs

(c) an individual (whether or not paragraph (a) or (b) also applies to that individual who –

(i) is registered under Part 111 of the 2003 Order as the manager of, or the person who is carrying on, a residential care home, a nursing home or a domiciliary care agency (referred to in this paragraph as a ‘registered person’) which involves that individual in the supply or administration of controlled drugs, or

(ii) not being the registered person, is or may be engaged in the supply or administration of controlled drugs which are carried on with or on behalf of that registered person

A ‘relevant person’ in the context of this Information Sharing Protocol extends to individuals employed within either the public sector or private sector or both and extends to both professional staff and non-professional staff. The definition extends to activities conducted by an individual across public and private sector bodies.

5. Purposes for Sharing Information

The purpose of this protocol is to provide a framework for the sharing of data, information and knowledge relating to the ordering, use, handling, prescribing, management or disposal of controlled drugs (CD) in order to achieve the following:

• Review or analysis of trends in CD use.

• Interpretation of CD data in relation to local influences.

• Identification of persons or groups of people who may be involved in inappropriate or illegal activity relating to CD, including professionals and others.

• Identifying “best practice” in the supervision of management and use of CDs.

• Identifying poor systems of control for the management of CDs.

• Raising concerns relating to any of the above.

• Referral of matters to professional bodies, employers or the Police Service of NI/Courts.

The sharing of information in the context of the LIN is encouraged by The Regulations and the Amended Regulations in particular at Regulation 25.

On occasion, it may be appropriate, necessary and legitimate to share patient identifiable information if the circumstances and context of the matter under consideration warrant.

Regulation 25(2) reminds us that where patient level information is being shared, patient identifiers should be removed if these details are not required by other organisations.

Regulation 25(3) further reminds us that where patient identifiers are necessary for the purpose for which the information is being shared, that where practicable, we should obtain the consent of the patient/s to whom the information we propose to share belongs, prior to transfer.

It is however reasonable to assume that there may be circumstances where it is neither practicable nor advisable to seek the consent of the patient, for example, in circumstances where alerting the patient to the proposed information sharing could in itself jeopardise an investigation. In these circumstances, members may wish to consider bringing this matter to the attention of the Chair of the LIN, or seek advice from their organisation’s legal advisor or Data Protection/Information Governance Responsible Officer.

Further examples of circumstances where sharing in the absence of patient consent may be reasonable, may be where a patient lacks capacity to consent for example due to dementia, being unconscious, having a significant mental health condition or a restricting learning disability with the ultimate test being whether the sharing of information is in the best interests of the patient.

In all circumstances, decisions and importantly the reasoning which results in the use, transfer and dissemination of patient identifiable information for the purpose of matters being considered by the LIN or which relate to the discharging of their statutory duties as defined by The Regulations and its Amendment, should be recorded, as members may be asked to justify that decision at a later date within the context of the governing regulations which facilitate and permit that sharing.

Regulation 26 provides for a Responsible body requesting additional information to be disclosed about relevant persons by another Responsible body. . In these circumstances, Officers might seek advice from the LIN Chair prior to the request being made. In respect of any subsequent sharing of information under a Regulation 26 request, and where patient identifiable information might be included in that information sharing, responsible bodies must comply with the provisions of Regulation 25, above.

6. Arrangements for Sharing Information

A bespoke database has been developed. Arrangements for sharing information via this database have been developed as defined in the User Manual. If manual transfers are required, then they will take place as follows:

Information which is not personally identifiable information and which could not identify a specific incident or individual through specific detail or context might be shared in any of the following formats:

• Face to face or telephone conversation

• Post

• E-mail

Where information identifies an organisation or practice or by virtue of specific details or context could identify a specific incident, information might be shared in the following ways:

• Face to face & telephone conversation conducted in private.

• Post using Royal Mail Special Delivery. Not Standard or Recorded/Signed for.

• Secure/Safe Haven fax (or secure faxing method).

• E-mail using a zip tool to protect the file containing the sensitive information by use of encryption.

7. Basic Information Security Requirements

All LIN members shall provide assurances to the Chair that their organisation on an annual basis-

• Is appropriately registered with the ICO or is exempt from registration.

• Has information security policies in place which restrict access to electronic systems by means of encryption, passwords and other organisational measures both electronic and protocol based.

• Has a data protection policy and an identified Data Protection Officer or sufficiently senior officer who has responsibility for data protection within their job description or remit.

• Has an officer with specific responsibility for IT Security or has a retained provider who can assist with IT Security.

• Has encrypted devices with a minimum 256 AES or equivalent as standard.

• Will only store LIN information on encrypted devices or in the case of manual records, in lockable cabinets.[2]

• Operates a secure shredding process (chip or confetti NOT strip shredder) or has a contracted secure shredding provider.

• Trains staff in confidentiality/Data Protection and information security policies regularly.

8. Legislative Context

The Regulations and the Amendment complement existing legislation which governs the collection, use and disclosure of the information required for the effective discharge of the statutory obligations placed on the members of LIN.

All responsible bodies represented on the LIN are also subject to the provisions of the following legal requirements:

• The Data Protection Act 1998

• The Human Rights Act 1998

• Common Law Duty of Confidentiality

• Freedom of Information Act 2000 (public sector bodies)

• Environmental Information Regulations 2004 (public sector bodies)

• Access to Health Records (Northern Ireland) Order 1993

In circumstances where the Chair deems the transfer of information to be urgent, for example in circumstances where an individual’s health could be adversely affected by a delay, and in the absence of specialist advice, any decision to transfer the information should be recorded and specialist advice sought at the earliest opportunity after the event.

These transfers may be considered by the Chair or jointly with another member or members of the LIN and recorded appropriately.

Additional detail on the legislation that supports and enables the work of the LIN, and facilitates sharing of information can be found within the supporting documents listed below:

• ‘Regional Controlled Drugs Local Intelligence Network (LIN) Guidelines for Disclosing Identifying Details of a relevant person’

• ‘Managing and Sharing Concerns’

In addition each agency/organisation signed up to this ISP may have their own legal or best practice framework that describes and governs their functions and dictate the circumstances under which personal and sensitive information may be shared.

It is the responsibility of each responsible body to ensure that any data sharing with the LIN is conducted legally and fairly and is done so within any legal framework which dictates or describes their role or function and complies with the legislation identified above, and with their own organisations supporting documents examples of which are listed at part 11.

Please note, Section 35 of the Data Protection Act 1998 provides an exemption from the non-disclosure provisions where disclosure is permitted by another piece of legislation. In the context of this agreement, LIN members may by virtue of the provisions of Regulation 17*, 25, 26 and 29 of the Regulations and the Amendment, disclose information without contravening the provisions of the Data Protection Act 1998. To ensure that members operate within this legislative framework, it is critical that members comply with the restrictions placed on sharing by Regulation 27, at all times. Failure to comply with the provisions of Regulation 27, may disengage Section 35 of the Data Protection Act, and expose the offending body to scrutiny and Regulatory action.

Note*: Regulation 17 and 29 are restricted to designated bodies and do not extend to responsible bodies other than designated bodies. Regulation 25, 26 extend to all responsible bodies, which include designated bodies.

9. Key Principles and Duties

In signing up to this ISP the signatories agree and commit to the following:

• This ISP aims to align with individual responsible body’s statutory, legal and common law duties. This Protocol is to be entered into alongside any existing protocols, procedures, policies and guidance to which the member already adheres and does not supersede them or circumvent them, with the exception of record keeping (see part 15), but is designed to complement existing policies.

• Information will only be used for the purpose or purposes described in this ISP, and within the framework of legislation that underpins the work of the LIN and its Terms of Reference.

• Member bodies will comply with the requirements of the Data Protection Act 1998 and the eight Data Protection Principles, with particular regard to Principle 7 when addressing the secure management of LIN information.

• Responsible bodies will support, endorse and promote the accurate, timely, secure and confidential sharing of information for the purposes stated in this ISP.

• Personal and sensitive information will only be shared with and by the LIN under this protocol where there is a statutory power to do so and when it is supported by the provisions of The Regulations (and Amendment, and it does not conflict with any other legislative regime.

• Where it is agreed that it is necessary to share personal information it will be shared only on a ‘need to know’ basis both within the LIN and within responsible bodies and to meet the requirements of Regulation 27, only with employees who are aware of the purpose the information has been received by the responsible body .

• Members agree to ensure that data sharing takes place in accordance with their existing organisational duties and that responsibility for ensuring that they have adequate notifications, privacy notices, policies, procedures and guidance informing staff or contractors of the responsible body’s statutory duty to share certain information under certain circumstances with the LIN, and what that sharing might entail, remains with the responsible body and is a matter for each responsible body to address with their employees, members or contractors/providers.

• Members will restrict the processing of information to officers within their respective organisations in line with Regulation 27. (see regulation 27(3)(a))

• Members of the LIN must ensure that they adhere to the requirements of the Regulations in respect of record creation and retention. (see part 15 of this ISP and Regulation 28)

• Members will, at the direction of the Chair of the LIN, permanently delete any information relating to a relevant person or incident that they have received from the LIN and the Chair may seek written confirmation that that deletion has taken place.

Responsible bodies and their Accountable Officers assist the Chair of the LIN in discharging his duties under Regulations and The Amended Regulations

10. Roles and Responsibilities of the Responsible Bodies’ Nominated Officers

Each member organisation of the LIN will be asked to approve this Information Sharing Protocol and in particular to:

• Facilitate the timely sharing of relevant information with the Chair of the LIN.

• Introduce and embed the Information Sharing Protocol within their respective organisation and facilitate training of those staff involved in the processing of information received from the LIN. (Regulation 27)

• Ensure that technical and organisational measures within their organisation are sufficient to protect any information received from the LIN to ensure that it is held securely, and only accessed by authorised and designated personnel.

• Act as a central point of advice and guidance for the staff within their organisation and ensure key personnel, including those involved in the management and use of controlled drugs are aware of their role and the LINs function and the potential for information sharing.

• Contribute to the monitoring, review and reporting of the activities of the LIN and any statistical analysis undertaken.

• All members must ensure that they establish adequate recording processes to ensure that they adhere to the requirements of the regulations in respect of record creation and retention in respect of decisions taking when collecting and sharing information with other members of the LIN (see part 15 of the ISP and Regulation 28)

• Ensure that they inform their Human Resource Lead of the purpose/s of the LIN and possible involvement of HR Staff. (see ‘Regional Controlled Drugs Local Intelligence Network (LIN) Guidelines for Disclosing Identifying Details of a Relevant Person’)

11. Supporting Document and Policies

It is important that LIN members commit to ensuring that all information sharing is in line with their own existing standards, policies and guidance and we would encourage the member to familiarise themselves with their organisations policies which address:

• Information Security

• Data Protection

• Confidentiality

• Freedom of Information Policy - where applicable

• Environmental Information Regulations 2004 -

Individual members of the LIN are responsible for ensuring their arrangements are sufficient to ensure information is held securely, accessed appropriately and disclosed legitimately and each organisation is responsible for monitoring their own processes and procedures to ensure compliance.

A number of supporting documents have been developed to assist members and their respective bodies to positively contribute to the work of the LIN. These documents provide helpful detail on the legislation that supports this information sharing agreement and which permits the proportionate and legitimate sharing of data, between members.

• ‘Regional Controlled Drugs Local Intelligence Network (LIN) Guidelines for Disclosing Identifying Details of a relevant person’

• ‘Managing and Sharing Concerns’

12. Governance, Monitoring and Review

The review, monitoring and amendment of this ISP will be undertaken by the Chair of the LIN. Formal review will be undertaken annually unless legislation or policy changes dictate otherwise.

New parties to this agreement may be included at any time, the formal arrangements for which will be managed by the Chair.

All amendments to the Protocol will be reported to and signed off by the Chair and recorded at an appropriate meeting.

In the event that an organisation represented on the LIN is the subject of a Data Loss which includes information received by or relating to the activities of the LIN or one of its members, the organisation’s nominated LIN representative should establish the extent of that data loss and immediately report it to the Chair of the LIN to enable appropriate actions to be taken as necessary by the Chair or other LIN members.

13. Freedom of Information

The Freedom of Information Act 2000 gives the public a general right of access to information held by a public authority or any publicly-funded organisation. In the event a LIN member organisation receives a request for access to information which it holds by virtue of its membership of the LIN or which relates to the LINs activities, the Chair of the LIN should be informed immediately and no later than the 5th working day after receipt of the request, As Chair, the Health and Social Care Board should be afforded an opportunity to contribute to the development of a response, and this might require other LIN members to be consulted. In the event the HSCB receives a request for information, it will consult with any relevant LIN member before reaching any decision in respect of the information which is being sought.

14. Data Protection (Section 7– Right of Access to Personal Information)

Under Section 7 of the Data Protection Act 1998, individuals have a right to seek access to any information that an organisation holds which relates to them or is about them. All members of the LIN will be involved in the sharing of information that relates to identifiable individuals, and may therefore receive a request from one or more of these individuals seeking access to the information that is held about them. Given the nature of the matters under consideration by the LIN, members should upon receipt of a written request for access to personal information held by virtue of their participation in the LIN, immediately inform the Chair of the LIN to seek direction, and if necessary, legal advice will be sought by the Chair. It is important that matters being considered by the LIN are not compromised through inappropriate or untimely release of information

15. Records Retention and Disposal Schedule

Regulation 28 requires a responsible body to create and keep a record of;

(a) a decision to disclose information under Regulation 25;

(b) details of the nature of the information disclosed;

(c) details of the body to which information was disclosed; and,

(d) any other details which the responsible body considers to be relevant to the disclosure.

(2) A responsible body shall keep a record of;

(a) any request received from another responsible body to disclose information under Regulation 26;

(b) details of the nature of any information disclosed;

(c) details of the responsible body to which the information was disclosed; and,

(d) any other details which the responsible body considers to be relevant to the disclosure.

(3) The records may be kept in paper or electronic format.

Given the potential for highly sensitive information to be received by and disseminated amongst members of the LIN, it is essential that a robust and effective records retention and disposal schedule be adopted by the LIN.

Information received by an organisation through its involvement in the LIN will not therefore fall within the existing Records Management ‘Retention and Disposal Schedule’ which operates within the member organisations, as this could result in differing retention periods being indirectly applied to LIN related information.

It is therefore proposed that an annual review be undertaken of information an organisation receives from the LIN and that upon review and based on the circumstances relating to that particular case, a decision is taken to either permanently destroy the record or to retain the record for a further 1 year period.

This case review mechanism will be undertaken in conjunction with the Chair and all other LIN members. A process to embed this within the LIN will be undertaken by the Chair in consultation with all members.

It is recognised that the organisation that passes information to the LIN holds the primary information and will continue to manage that information in line with their own records management policies and procedures. This review mechanism relates to copy information passed to LIN members and held due to their involvement in the LIN.

As stated at part 9 (bullet 10), the Chair can at any time require information to be permanently and verifiably deleted. The Chair can also require each member to update or amend information they may hold as and when it is deemed necessary to do so.

16. Conclusion

This protocol proposes to establish a consistent approach to the sharing of information between members of the LIN for the purposes of effectively operating a LIN in Northern Ireland for the benefit of the resident population within a described legislative framework.

All members need to be able to balance conflicting demands between the need to share sensitive personal information with other LIN members and the requirement to maintain confidentiality in respect of personal information.

These conflicting demands are acknowledged by this ISP and its supporting documents which provide a detailed analysis of the legislative framework which permits the sharing of sensitive personal data and provides the basis for partners to be confident that where information is shared it will be done so in a consistent, responsible and secure way.

The sharing of information between responsible bodies is provided for primarily within Regulations 17, 25, 26 and 29, with specific provision being made in Regulation 30 relating to information sharing in respect of matters relating to patient safety.

Regulation 31 as amended states that where information is shared in good faith under these Regulations and there are reasonable grounds for doing it, ‘Civil proceedings do not lie against a person in respect of loss, damage or injury of any kind suffered by another person as a result of the disclosure…’

Officers are reminded that disclosures to other LIN representatives and to the Chair of the LIN which are made in good faith and meet the requirements of the Regulations are protected.

Appendix 1

A list of Designated Bodies and their Accountable Officers can be accessed via the LIN Terms of Reference:



A list of all other Responsible Bodies and their Representatives is detailed in the table below:

|  |NAME & ADDRESS OF |  |

|ORGANISATION |NOMINATED |CONTACT DETAILS |

|  |REPRESENTATIVE |  |

|DoH (NI) |Professor Michael Mawhinney |Email: Michael.Mawhinney@health-.uk |

|  |Pharmaceutical Advice & Services |  |

|  |Room D4.6, |Tel: 028 9052 3348 |

|  |Castle Buildings |  |

|  |Upper Newtownards Road |  |

|  |Belfast, BT4 3SQ |  |

|DoH (NI) |Ms Shona Coy |Email: Shona.Coy@health-.uk |

| | | |

|  |Pharmaceutical Advice & Services |  |

|  |Room D4.3, |Tel: 028 9052 2669 |

|  |Castle Buildings |  |

|  |Upper Newtownards Road |  |

|  |Belfast, BT4 3SQ |  |

|Pharmaceutical |Mr Brendan Kerr |Email: brendan.kerr@.uk |

|Society of |Registrar |  |

|Northern Ireland |Pharmaceutical Society of N. Ireland |Tel: 028 9032 6927 |

|  |73 University Street |  |

|  |Belfast BT7 1HL |  |

|General Medical |Ms Joanne Donnelly |Email: jdonnelly@gmc- |

|Council |GMC Employer Liaison Adviser for |  |

|  |Northern Ireland |Tel: 0161 250 6842 / 07795950209 |

|  |Standards & Fitness to Practice |  |

|  |Directorate |  |

|  |General Medical Council |  |

| |3 Hardman Street, Manchester M3 3AW |  |

|General Dental |Katherine Boorer |Email: kboorer@gdc- |

|Council |Standards Policy Manager |  |

|  |General Dental Council |Tel: +44(0)20 7167 6397 |

|  |37 Wimpole Street |  |

|  |London W1G 8DQ |  |

|Nursing & |Mr David Porter |Email: employerlinkservice@nmc- |

|Midwifery |Nursing and Midwifery Council |  |

|Council |1st Floor |Tel: 020 7681 5979 |

|  |1 Kemble Street |  |

|  |London WC2B 4AN |  |

|  | |  |

|Health and Care |Ms Ciara O'Dwyer |Email: ciara.o'dwyer@hcpc- |

|Professions |Investigations Manager |  |

|Council |Health and Care Professions Council |Tel: 020 7840 9133 |

|  |184 Kennington Park Road |  |

|  |London SE11 4BU |  |

|Counter Fraud |Ms Donna Scott |Email: Donna.Scott@ |

|Unit of BSO |Counter Fraud and |  |

|  |Probity Services |Tel: 028 95362918 |

|  |Business Services Organisation |  |

| |2 Franklin St. | |

| |Belfast BT2 8DQ | |

|Northern Ireland Social |Ms Patricia Higgins |Email: patricia.higgins@niscc. |

|Care Council  |Director of Regulations and Standards | |

| |7th Floor |Tel: Ext 2983  |

| |Millennium House | |

| |19-25 Great Victoria Street | |

| |Belfast. BT2 7AQ | |

|Regulation & |Ms Frances Gault |Email: Frances.Gault@.uk |

|Quality |Senior Pharmacy Inspector |  |

|Improvement |The Regulation and Quality |Tel: 028 9051 7553 |

|Authority |Improvement Authority |  |

|  |9th Floor Riverside Tower |  |

|  |5 Lanyon Place, Belfast BT1 3BT |  |

|Police Service of |Detective Inspector Peter Mullan |Email: peter.mullan@psni.pnn.police.uk |

|Northern Ireland |C1 Organised Crime Branch |  |

|  |Antrim Road Police Station |Tel: 07500963400    |

|  |280 Antrim Road |  |

|  |Belfast, BT15 5AA |  |

-----------------------

[1] The Controlled Drugs (Supervision of Management and Use) Regulations (Northern Ireland) 2009 have been reviewed and updated by the introduction of the Controlled Drugs (Supervision of Management and Use) (Amendment) Regulations (Northern Ireland) 2015

[2] Introduction of the LIN Database may prompt a review of practices

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download