ICO reports data-training improvements at NHS trust
Cambridgeshire Community Services NHS Trust has improved some of the information governance issues exposed by investigations into a series of data losses and thefts, according to the Information Commissioner’s Office.
Trust chief executive Matthew Winn entered into an improvement undertaking with the ICO last year after a probe into the data breaches at the organisation, which provides a range of health services to residents in Cambridgeshire, Norfolk, Suffolk and Bedfordshire.
While the ICO investigation found that none of the incidents appeared to have caused substantial damage or distress to the individuals affected, it was discovered that trust employees were only required to refresh their information governance training every two years. An annual requirement was introduced nationally in 2013.
The ICO said the level of required mandatory annual refresher training at the trust had been “poor” at the time the improvement undertaking was signed.
In its just-published follow-up report, the ICO said the trust had confirmed the introduction of a range of measures to ensure information governance training was kept up to date.
It said an electronic staff record system had been introduced to enable monitoring of staff compliance with e-learning training on the Health and Social Care Information Centre website.
The ICO said the system was able to identify staff who were on long-term sick leave, maternity leave or secondment, ensuring compliance statistics were recorded accurately.
The follow-up report also said that e-mail reminders were sent to staff about their IG training, which had to be completed within three months of employment commencing, and annually thereafter.
The ICO said: “The review demonstrated that the trust has taken appropriate steps and put plans in place to address the requirements of the undertaking and to mitigate the risks highlighted.”
The improvement undertaking, signed by Winn and ICO head of enforcement Stephen Eckersley in July 2015 suggested that at the time of the data-loss incidents the previous year, only 49% of staff were compliant with information governance training requirements, and that a target of achieving full compliance by March 2015 had been missed.
The ICO said compliance had reached 95% by September 2015.
The spread of online misinformation during the Covid-19 pandemic has exacerbated a public health crisis. PublicTechnology digs into a recent parliamentary inquiry to find out...
Public Health Wales says leak that affected more than 18,000 people to have tested positive was attributable to ‘human error’
All parts of the NHS instructed to share information as required to support coronavirus response
Research director Tom Denwood explains how the national digital services agency has helped use information to better understand issues including effective treatments for Covid-19 and the...
Accessibility requirements aren’t restrictions that need to be overcome - they’re guidelines to improve online experiences for everyone, says Jadu VP Richard Friend