HANDI HEALTH, profile picture
Uploaded byHANDI HEALTH
640 views

Information governance considerations in developing healthcare applications

This document discusses information governance considerations for developing healthcare applications. It outlines requirements from the Data Protection Act (1998) to ensure personal data is accurate, secure, and not kept longer than necessary. It also discusses Caldicott Guidelines around justifying the purpose of collecting patient data and only collecting minimum necessary data. The document provides guidance on developing accurate, secure applications that collect only necessary data and don't retain data longer than required, in compliance with relevant regulations and standards.

Embed presentation

Information Governance considerations in developing Healthcare Applications Andrew Glover Head of Information (Governance & Services) Leeds Teaching Hospitals
Data Protection Act (1998) • Personal Data relating to living individuals – Accurate – Secure – Not excessive (only collect data that is required) – Not kept longer than necessary – Should not be transferred/held outside the EEA Deceased Patients are covered by the Common Law of Confidentiality
Caldicott Guidelines • Justify the purpose(s) • Don't use patient identifiable information unless it is absolutely necessary • Use the minimum necessary patient-identifiable information • Access to patient identifiable information should be on a strict need-to-know basis • Everyone with access to patient identifiable information should be aware of their responsibilities • Understand and comply with the law
Developing Applications • Accurate – Data Entry Accuracy (Master File driven, linked field selection) – Missing / Invalid Data Reports – Consider feeding demographic data from primary patient system • Secure – Username & Password or Smartcard (consider role based access) – Transaction Log (Access, Add & Update) – Session Timeout – De-Identification – Patient identifiable information should cache to secure devices / servers
Developing Applications • Not Excessive – Only collect the data that is required for the purpose of the application • Not kept longer than required – Retention Schedule of the Records Management: NHS Code of Practice – Consider building retention date into application • Should not be transferred outside the EEA – Cloud computing (where is data held)
Other considerations • Subject Access Request / ATHR • Ensure Application can interface with other Healthcare systems • From 2015 NHS Number is mandated for primary patient identifier • Equality & Diversity Information • Be adaptable to changes in legislation – Changes to European Directive – Caldicott review
Reference Data Protection Act (1998) http://www.legislation.gov.uk/ukpga/1998/29/contents Caldicott Guidelines http://www.connectingforhealth.nhs.uk/systemsandservices/info gov/caldicott Records Management: NHS Code of Practice http://www.dh.gov.uk/en/Publicationsandstatistics/Publications/P ublications PolicyAndGuidance/DH_4131747 Connecting for Health http://www.connectingforhealth.nhs.uk/

More Related Content

PPTX
HIPAA-HITECH-MU Simplified
byGretchen Husted
 
PDF
mHealth Summit EU 2015
by3GDR
 
PPTX
Trends in EU regulation of software as medical device
byErik Vollebregt
 
PPTX
BEMR
byAbhishek sharma
 
PPTX
FHIR in Finland at DevDays 2019
byMikael Rinnetmäki
 
PPTX
Annual environment and health conference 2018 fionnuala donohue hse epa data ...
byEnvironmental Protection Agency, Ireland
 
PPTX
MMA roadshow m health summit europe
byErik Vollebregt
 
PPTX
RxNT - Software Finder
bySoftware Finder
 
HIPAA-HITECH-MU Simplified
byGretchen Husted
 
mHealth Summit EU 2015
by3GDR
 
Trends in EU regulation of software as medical device
byErik Vollebregt
 
BEMR
byAbhishek sharma
 
FHIR in Finland at DevDays 2019
byMikael Rinnetmäki
 
Annual environment and health conference 2018 fionnuala donohue hse epa data ...
byEnvironmental Protection Agency, Ireland
 
MMA roadshow m health summit europe
byErik Vollebregt
 
RxNT - Software Finder
bySoftware Finder
 

What's hot

PPTX
Mma roadshow mHealth in the EU
byErik Vollebregt
 
PPTX
3d printing and biofabrication
byErik Vollebregt
 
PPTX
Medical device data protection and security
byErik Vollebregt
 
PPTX
EU Medical Device Clinical Research under the General Data Protection Regulation
byErik Vollebregt
 
PPTX
Medicate me
byAli Kazım Sandal
 
PPTX
EU General Data Protection Regulation top 8 operational impacts in personal c...
byErik Vollebregt
 
PPTX
Health Database and Regulations in Taiwan (APrIGF2018)
byYingChu Chen
 
PPTX
Transparency under the new MDR and IVDR
byErik Vollebregt
 
PPTX
KFSH HITA
byHussein Malki
 
PPTX
Recent and future developments in UDI for medical devices in the EU
byErik Vollebregt
 
PDF
The Finnish Law on Forced Integration of Patient Records
byPlan de Calidad para el SNS
 
PPTX
Privacy of patient data versus patient safety. HIMSS Europe, Nov 6, 2014
byArjen Noordzij
 
PDF
ICIC 2014 New Product Introduction BizInt
byDr. Haxel Consult
 
PDF
Inf10 charlotte gastro_infographic
byNextGen Healthcare
 
PDF
Covid19 and need for datasharing webinar - 04/march/2020
byKumar Satyam
 
PPT
Kirsten Van Gossum - privacy in relation to technology in the (health)care
byimec.archive
 
PPTX
Pavel Smirnov, Health Samurai - FHIR business opportunities
byHealthDev
 
PPTX
Medica 21 november 2013
byAxon Lawyers
 
PPTX
14 Advantages of Data Centralization in Clinical Trials
byQuanticate
 
PDF
The Use of the eID for Health Professionals within the Nationwide Infrastruct...
byPlan de Calidad para el SNS
 
Mma roadshow mHealth in the EU
byErik Vollebregt
 
3d printing and biofabrication
byErik Vollebregt
 
Medical device data protection and security
byErik Vollebregt
 
EU Medical Device Clinical Research under the General Data Protection Regulation
byErik Vollebregt
 
Medicate me
byAli Kazım Sandal
 
EU General Data Protection Regulation top 8 operational impacts in personal c...
byErik Vollebregt
 
Health Database and Regulations in Taiwan (APrIGF2018)
byYingChu Chen
 
Transparency under the new MDR and IVDR
byErik Vollebregt
 
KFSH HITA
byHussein Malki
 
Recent and future developments in UDI for medical devices in the EU
byErik Vollebregt
 
The Finnish Law on Forced Integration of Patient Records
byPlan de Calidad para el SNS
 
Privacy of patient data versus patient safety. HIMSS Europe, Nov 6, 2014
byArjen Noordzij
 
ICIC 2014 New Product Introduction BizInt
byDr. Haxel Consult
 
Inf10 charlotte gastro_infographic
byNextGen Healthcare
 
Covid19 and need for datasharing webinar - 04/march/2020
byKumar Satyam
 
Kirsten Van Gossum - privacy in relation to technology in the (health)care
byimec.archive
 
Pavel Smirnov, Health Samurai - FHIR business opportunities
byHealthDev
 
Medica 21 november 2013
byAxon Lawyers
 
14 Advantages of Data Centralization in Clinical Trials
byQuanticate
 
The Use of the eID for Health Professionals within the Nationwide Infrastruct...
byPlan de Calidad para el SNS
 

Similar to Information governance considerations in developing healthcare applications

PDF
Things you need to know about info governance to sell healthtech products int...
by3GDR
 
PDF
Health data - Is it safe?
byAlex Beisser MBCS
 
PPTX
Confidentiality and Data Protection in Health Care
byVaileth Mdete
 
PDF
3.5 Governance at scale - Hayden Thomas
byNHS England
 
PPTX
Information governance
byGerardo Medina
 
PPT
The caldicott role in general practice vo presentation
byOutlookSouthWest
 
PPTX
Governance And Data Protection In The Health Sector - Billy Hawkes
byhealthcareisi
 
PDF
Intro to information governance booklet
byGerardo Medina
 
PPTX
Transforming Healthcare Boosting Data Security and Efficiency with AI.pptx
byDr Calvin Isaac Daniel
 
PPTX
Information Governance Environment - Beverly Carter
byHealth Innovation Wessex
 
PPT
Understanding basics of software development and healthcare
byBharadwaj PV
 
PPT
Clinical Handover 2011(Rmcg)
bylazaruss
 
PPTX
Week+five+hcs+483
byhlholcomb
 
PDF
Digital transformation to enable a FAIR approach for health data science
byVarsha Khodiyar
 
PPTX
Legal barriers to better use of health data to deliver pharmaceutical innovation
byOffice of Health Economics
 
PPTX
Can the NHS survive with externally controlled and digitally excluded patients
byAmirHannan1
 
PPTX
GDPR challenges for the healthcare sector and the practical steps to compliance
byIT Governance Ltd
 
PPT
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
byAndrew Harvey BA (Hons), MA, CISMP
 
PPTX
Health tech slides 12 june 2019
byBrowne Jacobson LLP
 
PDF
NHIN Workgroup Recommendation
byBrian Ahier
 
Things you need to know about info governance to sell healthtech products int...
by3GDR
 
Health data - Is it safe?
byAlex Beisser MBCS
 
Confidentiality and Data Protection in Health Care
byVaileth Mdete
 
3.5 Governance at scale - Hayden Thomas
byNHS England
 
Information governance
byGerardo Medina
 
The caldicott role in general practice vo presentation
byOutlookSouthWest
 
Governance And Data Protection In The Health Sector - Billy Hawkes
byhealthcareisi
 
Intro to information governance booklet
byGerardo Medina
 
Transforming Healthcare Boosting Data Security and Efficiency with AI.pptx
byDr Calvin Isaac Daniel
 
Information Governance Environment - Beverly Carter
byHealth Innovation Wessex
 
Understanding basics of software development and healthcare
byBharadwaj PV
 
Clinical Handover 2011(Rmcg)
bylazaruss
 
Week+five+hcs+483
byhlholcomb
 
Digital transformation to enable a FAIR approach for health data science
byVarsha Khodiyar
 
Legal barriers to better use of health data to deliver pharmaceutical innovation
byOffice of Health Economics
 
Can the NHS survive with externally controlled and digitally excluded patients
byAmirHannan1
 
GDPR challenges for the healthcare sector and the practical steps to compliance
byIT Governance Ltd
 
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
byAndrew Harvey BA (Hons), MA, CISMP
 
Health tech slides 12 june 2019
byBrowne Jacobson LLP
 
NHIN Workgroup Recommendation
byBrian Ahier
 

More from HANDI HEALTH

PDF
NHS England share Code4Health Challenge
byHANDI HEALTH
 
PPTX
HANDI Summit 18 - Introducing HANDI-HOPD - Ewan Davis
byHANDI HEALTH
 
PPTX
HANDI Summit 18 - Introducing HANDI-HOPD - Dr Ian McNicoll
byHANDI HEALTH
 
PPTX
HANDI Arctic Conf 2014
byHANDI HEALTH
 
PDF
HANDI at Healthcare Innovation Expo
byHANDI HEALTH
 
PPTX
Emily Ashurst - Diabetes App Challange
byHANDI HEALTH
 
PPTX
Ian Grimley - Roxburgh Milkins LLP
byHANDI HEALTH
 
PPT
EU Medical Device Directive Newcastle May
byHANDI HEALTH
 
PDF
HANDI Health - Innovation?
byHANDI HEALTH
 
PPTX
Hello HANDI
byHANDI HEALTH
 
PDF
Service design
byHANDI HEALTH
 
PDF
Why is interoperability hard
byHANDI HEALTH
 
PDF
Apps in the clinical domain
byHANDI HEALTH
 
PDF
Hello HANDI
byHANDI HEALTH
 
NHS England share Code4Health Challenge
byHANDI HEALTH
 
HANDI Summit 18 - Introducing HANDI-HOPD - Ewan Davis
byHANDI HEALTH
 
HANDI Summit 18 - Introducing HANDI-HOPD - Dr Ian McNicoll
byHANDI HEALTH
 
HANDI Arctic Conf 2014
byHANDI HEALTH
 
HANDI at Healthcare Innovation Expo
byHANDI HEALTH
 
Emily Ashurst - Diabetes App Challange
byHANDI HEALTH
 
Ian Grimley - Roxburgh Milkins LLP
byHANDI HEALTH
 
EU Medical Device Directive Newcastle May
byHANDI HEALTH
 
HANDI Health - Innovation?
byHANDI HEALTH
 
Hello HANDI
byHANDI HEALTH
 
Service design
byHANDI HEALTH
 
Why is interoperability hard
byHANDI HEALTH
 
Apps in the clinical domain
byHANDI HEALTH
 
Hello HANDI
byHANDI HEALTH
 

Recently uploaded

PPTX
Atrial Fibrillation and difference with Atrial flutter
byrashamarei
 
PPTX
ACTINOMYCETES- Introduction,Pathogenesis,clinical manifestations,Epidemiology...
byAmeenKhan59
 
PPTX
SAPIENT3.0 Medi-trivia Quiz (FINALS) | F.A.Q. 2025
byDr. Anindya
 
PDF
Antitubercular agents medicinal chemistry.pdf
byPrerana Jadhav
 
PPTX
BENIGN BREAST DISEASES BBD/ Fibroadenoma, Fibrocystic Diseases/ ANDI.pptx
byDr Sushil Gyawali
 
PPTX
WHEN NOT TO DO TENDOACHILLES TENOTOMY.pptx
byUmeshPrasadChoudhary
 
PPTX
Venous cutdown for Surgery Viva, MBBS Students
byCBME SURGERY
 
PPTX
sinusitis.....................................pptx
by62cjjqfcvg
 
PPTX
Nocardia.-Introduction,Morphology,Classification,Pathogenesis,Epidemiology,Cl...
byAmeenKhan59
 
PDF
A beginner-friendly introduction to gym training
bydarrennickerson2
 
PPTX
HYPERTENSION III SEMESTER ADULT HEALTH NURSING-I
bykeerthi samuel
 
PPTX
Sympathetic Nervous System in Pain Medicine | Anatomy, CRPS & Sympathetic Blo...
byDaradia: The Pain Clinic
 
PPTX
Odontogenic Keratocyst sjdjjdjdjdjjd.pptx
bypapiyadharnet
 
PPTX
Fracture, Cleavage , Lustre examples.pptx
byDr Aparna, GJPIASR Anand
 
PPTX
Introduction to Geriatric Nursing,Theory
bynabina paneru
 
PDF
Artículo Biomol Interaction between ZMIZ2 and AR promotes prostate cancer pro...
bySebastianCastrillon10
 
PPTX
ANTIMICROBIAL STEWARDSHIP PROGRAME Vijay.pptx
byVIJAYARengan1
 
PDF
Seminario biología molecula - EBV-miR-BART5-3p
bysalvarez1862004
 
PPTX
ICU setup Admission & discharge criteria.pptx
bySanjuSharma228703
 
PDF
Preparing Medicare Cost Reports Seems Easy Until It's Not
byNMP Professional Services, Inc
 
Atrial Fibrillation and difference with Atrial flutter
byrashamarei
 
ACTINOMYCETES- Introduction,Pathogenesis,clinical manifestations,Epidemiology...
byAmeenKhan59
 
SAPIENT3.0 Medi-trivia Quiz (FINALS) | F.A.Q. 2025
byDr. Anindya
 
Antitubercular agents medicinal chemistry.pdf
byPrerana Jadhav
 
BENIGN BREAST DISEASES BBD/ Fibroadenoma, Fibrocystic Diseases/ ANDI.pptx
byDr Sushil Gyawali
 
WHEN NOT TO DO TENDOACHILLES TENOTOMY.pptx
byUmeshPrasadChoudhary
 
Venous cutdown for Surgery Viva, MBBS Students
byCBME SURGERY
 
sinusitis.....................................pptx
by62cjjqfcvg
 
Nocardia.-Introduction,Morphology,Classification,Pathogenesis,Epidemiology,Cl...
byAmeenKhan59
 
A beginner-friendly introduction to gym training
bydarrennickerson2
 
HYPERTENSION III SEMESTER ADULT HEALTH NURSING-I
bykeerthi samuel
 
Sympathetic Nervous System in Pain Medicine | Anatomy, CRPS & Sympathetic Blo...
byDaradia: The Pain Clinic
 
Odontogenic Keratocyst sjdjjdjdjdjjd.pptx
bypapiyadharnet
 
Fracture, Cleavage , Lustre examples.pptx
byDr Aparna, GJPIASR Anand
 
Introduction to Geriatric Nursing,Theory
bynabina paneru
 
Artículo Biomol Interaction between ZMIZ2 and AR promotes prostate cancer pro...
bySebastianCastrillon10
 
ANTIMICROBIAL STEWARDSHIP PROGRAME Vijay.pptx
byVIJAYARengan1
 
Seminario biología molecula - EBV-miR-BART5-3p
bysalvarez1862004
 
ICU setup Admission & discharge criteria.pptx
bySanjuSharma228703
 
Preparing Medicare Cost Reports Seems Easy Until It's Not
byNMP Professional Services, Inc
 

Information governance considerations in developing healthcare applications

  • 1.
    Information Governance considerationsin developing Healthcare Applications Andrew Glover Head of Information (Governance & Services) Leeds Teaching Hospitals
  • 2.
    Data Protection Act(1998) • Personal Data relating to living individuals – Accurate – Secure – Not excessive (only collect data that is required) – Not kept longer than necessary – Should not be transferred/held outside the EEA Deceased Patients are covered by the Common Law of Confidentiality
  • 3.
    Caldicott Guidelines • Justifythe purpose(s) • Don't use patient identifiable information unless it is absolutely necessary • Use the minimum necessary patient-identifiable information • Access to patient identifiable information should be on a strict need-to-know basis • Everyone with access to patient identifiable information should be aware of their responsibilities • Understand and comply with the law
  • 4.
    Developing Applications • Accurate – Data Entry Accuracy (Master File driven, linked field selection) – Missing / Invalid Data Reports – Consider feeding demographic data from primary patient system • Secure – Username & Password or Smartcard (consider role based access) – Transaction Log (Access, Add & Update) – Session Timeout – De-Identification – Patient identifiable information should cache to secure devices / servers
  • 5.
    Developing Applications • NotExcessive – Only collect the data that is required for the purpose of the application • Not kept longer than required – Retention Schedule of the Records Management: NHS Code of Practice – Consider building retention date into application • Should not be transferred outside the EEA – Cloud computing (where is data held)
  • 6.
    Other considerations • SubjectAccess Request / ATHR • Ensure Application can interface with other Healthcare systems • From 2015 NHS Number is mandated for primary patient identifier • Equality & Diversity Information • Be adaptable to changes in legislation – Changes to European Directive – Caldicott review
  • 7.
    Reference Data Protection Act (1998) http://www.legislation.gov.uk/ukpga/1998/29/contents Caldicott Guidelines http://www.connectingforhealth.nhs.uk/systemsandservices/info gov/caldicott Records Management: NHS Code of Practice http://www.dh.gov.uk/en/Publicationsandstatistics/Publications/P ublications PolicyAndGuidance/DH_4131747 Connecting for Health http://www.connectingforhealth.nhs.uk/