Information governance (IG) is a term used to describe how information is used. It covers system and process management, records management, data quality, data protection and the controls needed to ensure information sharing is secure, confidential and responsive to St George’s, University of London’s needs and the people it serves.
Information Governance starts with looking at how information is collected, how it is recorded (on paper and computers), how it is then stored, how it is used (whether for audit, research or performance management) and then on what basis it is shared with others, both inside and outside St George’s.
The principles of information governance
The principles of information governance incorporate a number of important policies or frameworks for using information, as required by the UK General Data Protection Regulations (GDPR), the Data Protection Act 2018, the NHS Digital Data Protection and Security Toolkit (NHS Digital provides St George’s with NHS-derived patient data) and elements of the international standard for information security management systems – ISO27001.
Information governance provides a unified approach for handling information, which complies with the law and outlines best practice. Within St George’s, this approach is called the IG Framework, which covers roles and responsibilities, policies and procedures, and training.
Useful documents