Information Sharing and Data Handling Sample Clauses

Information Sharing and Data Handling. ‌ . 10.1 The Parties agree to be bound by the Information Sharing Protocol and to continuance of the existing agreement to use the Scottish Information Sharing Toolkit and guidance from the Information Commissioners Office, in respect of information sharing. 10.2 The Parties have developed an Information Sharing Protocol which covers guidance and procedures for staff for sharing of information. 10.3 All staff managed within the delegated functions will be contractually required to comply and adhere to respective local information security policies and procedures including data confidentiality policies of their employing organisations and the requirements of the IJB’s agreed Information Sharing Protocol. 10.4 The Data Protection Officers of NHS Highland and Argyll and Bute Council, acting on behalf of the Parties, will meet annually, or more frequently, if required, to review the Information Sharing Protocol and will provide a report detailing recommendations for amendments, for the consideration of the IJB. 10.5 With regard to individually identifiable material, data will be held in both electronic and paper formats and only be accessed by authorised staff, in order to provide the patient or service user with the appropriate service. 10.6 In order to provide fully integrated services it will be necessary to share personal information between the parties and with external agencies. Where this is the case, the IJB will apply a legal basis contained in Article 6 of the General Data Protection Regulations (‘the GDPR’). Generally this will be either public task or legal obligation but, where appropriate, any of the other legal bases contained in Article 6 will be used. 10.7 Where the sharing consists of ‘special category’ information the legal basis for sharing will be consistent with the requirements of Article 9 of the GDPR and schedule 1 of the Data Protection Act 2018 (‘the DPA’). 10.8 In order to comply with the requirements of the DPA and the GDPR, the IJB will always ensure that personal data it holds will be processed in line with the Data Protection Principles contained within Article 5 of the GDPR and section 35- 40 of the DPA. 11 Complaints‌ The Parties agree the following arrangements in respect of complaints on behalf of, or by, service users. 11.1 Both Parties will retain separate complaints policies reflecting the distinct statutory requirements. 11.1.1 There will be a single point of contact for complainants. This will be agreed between the Parti...

Information Sharing and Data Handling. The Parties agree to be bound by the Data Sharing Protocol and to continuance of the existing agreement to use the Scottish Accord on the Sharing of Personal Information (SASPI), in respect of information sharing.

Information Sharing and Data Handling. 13.1 The Parties agree to be bound by the Data Sharing Protocol and to continuance of the existing agreement to use the Scottish Accord on the Sharing of Personal Information (SASPI), in respect of Information Sharing. 13.2 The Argyll & Bute Integration Joint Board will confirm their commitment to the Data Sharing Protocol and the Information Sharing Agreement and will be able to comment on the data and information sharing arrangements and associated procedures. 13.3 The Chief Officer will ensure appropriate arrangements are in place in respect of information governance and the requirements of the Information Commissioner’s Office. 13.4 All staff managed within the Partnership will be contractually required to comply with the data confidentiality policies of their employing organisations and the requirements of the Data Sharing Protocol that is agreed by the Argyll & Bute Integration Joint Board. 13.5 The Parties will establish a Data and Information Group to agree a high-level information sharing agreement. The existing Data Sharing Agreement in place between NHS Highland and Argyll and Bute Council will be developed to reflect the new Integration Joint Board arrangements and be implemented by the 31st March 2015. 13.6 With regard to individually identifiable material, data will be held in both electronic and paper formats and only be accessed by authorised staff, in order to provide the patient or service user with the appropriate service. In order to provide fully integrated services it may be necessary to share information within the Partnership and with external agencies, where this is the case the Partnership will seek the consent of the service user for the sharing of data, unless a statutory requirement exists. In order to comply with the Data Protection Act 1998, the Partnership will always ensure that personal data it processes will be handled fairly, lawfully and within justification. 13.7 In order to comply with the Data Protection Act 1988, the Partnership will ensure that any personal data that it holds will be processed in line with the Data Protection Principles contained within Schedule 1 of the Act.

Information Sharing and Data Handling. 10.1 The Parties agree to be bound by the Data Sharing Protocol and to continuance of the existing agreement to use the Scottish Accord on the Sharing of Personal Information (SASPI), in respect of information sharing. 10.2 The Parties have developed an Information Sharing Protocol which covers guidance and procedures for staff for sharing of information. 10.3 All staff managed within the delegated functions will be contractually required to comply and adhere to respective local information security policies and procedures including data confidentiality policies of their employing organisations and the requirements of Argyll and Bute Integration Joint Board’s agreed Information Sharing Protocol. 10.4 The Parties have established a group to agree the Information Sharing Protocol and procedures before 1st April 2016. Agreements and procedures will be reviewed annually by the group, or more frequently if required. The NHS Highland Information Assurance Group and Argyll and Bute Council Information Security Forum, acting on behalf of the Parties will meet annually to review the Protocol and will provide a report detailing recommendations for amendments, for the consideration of Argyll and Bute Integration Joint Board. In the event of amendment being required outside of that timescale the NHS Highland Information Assurance Group and Argyll and Bute Council Information Security Forum acting on behalf of the Parties will meet, agree the recommended amendment(s) and provide this information to the Chief Officer, who will then appropriately inform ▇▇▇▇▇▇ and Bute Integration Joint Board. 10.5 With regard to individually identifiable material, data will be held in both electronic and paper formats and only be accessed by authorised staff, in order to provide the patient or service user with the appropriate service. In order to provide fully integrated services it may be necessary to share information within the delegated functions and with external agencies. Where this is the case Argyll and Bute Integration Joint Board will seek the consent of the service user for the sharing of data, unless a statutory requirement exists. In order to comply with the Data Protection Act 1998, Argyll and Bute Integration Joint Board will always ensure that personal data it processes will be handled fairly, lawfully and within justification. 10.6 In order to comply with the Data Protection Act 1998 Argyll and Bute Integration Joint Board will ensure that any personal data that it hol...

Information Sharing and Data Handling. 10.1 The Council and the Health Board work along with all local authorities in Greater Glasgow and ▇▇▇▇▇ through the Joint Information & Health Systems Group (JIHS) to develop, review and maintain an Information Sharing Protocol. This will be available to the Integration Joint Board. The Parties shall work together to ensure that the Protocol is reviewed on an annual basis and that as part of this process the views of the Integration Joint Board will be canvassed and considered. 10.2 The Parties positively encourage their staff to share information appropriately about their service users when it benefits their care and when it is necessary to protect vulnerable adults or children. The document describes how the Parties will exchange information with each other - particularly information relating to identifiable living people, known legally as “personal data”. The purpose of the document is to explain why the partner organisations want to exchange information with each other and to put in place a framework which will allow this information to be exchanged in ways which respect the rights of the people the information is about, while recognising the circumstances in which staff must share personal data to protect others, without the consent of the individual. This Protocol complies with the laws regulating this, particularly the Data Protection Act 1998.

Information Sharing and Data Handling. 12.1 All information sharing and data handling arrangements relating to integrated services shall be in compliance with the DPA and the UK GDPR. 12.2 The Parties have agreed a supporting ISA in line with the Information Commissioner’s Office guidance on a staged basis of disclosure. This is now supporting an integrated approach to sharing information through the issue of a single shared information portal. 12.3 The Parties shall each ensure that its staff working within the Partnership shall be bound by a duty of confidentiality and are required to comply and adhere to each Party’s respective information governance and security policies and procedures of their employing organisations, including the requirements of the agreed ISA. 12.4 The Parties shall ensure that Information sharing arrangements, including any agreements, procedures and protocols in place between the Parties to enable the staff working within the Partnership to share such relevant information necessary are in place and such are reviewed annually or more frequently if required, by the Parties information governance leads. 12.5 The Parties shall ensure that Personal Data (as defined in the DPA) and Special Categories of Personal Data (as defined in the UK GDPR), is held in electronic and paper formats, and shall only be accessed by authorised staff who require to access for the purposes set out in the Act. 12.6 The Parties acknowledge that in order to provide fully integrated health and social care services, it will be necessary to share Personal Data of the person or people being supported by health and/or social care with external agencies not party to this Integration. In these instances, the relevant Party shall obtain the explicit consent of the Data Subject (as defined in the DPA), or their lawfully recognised representative, unless an overriding statutory requirement or exemption

Information Sharing and Data Handling. Implementing this MoU will require the IMA and SG to exchange information. All arrangements for collaboration and exchange of information set out in this MoU and any supplementary agreements will take account of, and comply with, all relevant legislation and any IMA and SG codes of practice, frameworks or other policies relating to confidential personal information. The IMA and SG will have UK GDPR and DPIA obligations. It is acknowledged that the IMA will require information sharing from SG and as such the IMA will need to sign up to the data sharing agreements that SG will have in operation for such information to be released; and assist fully with DPIA considerations. The IMA and SG are committed to the fair, lawful and transparent handling of data. Only those personnel that need access to and use of the personal data in order to carry out their assigned duties correctly, will be permitted access the data held. All personnel handling data should be made fully aware of their individual responsibilities and should be appropriately trained to handle such data. The IMA and SG must comply with the following when processing personal data: • Personal data must always be handled with care and must not be shared with any IMA or SG colleague or any third party without authorisation. • Physical records must not be left unattended or in the view of unauthorised IMA or SG employees, agents, contractors, or other parties at any time and must not be removed from the business premises without authorisation. • If personal data is being viewed on a computer screen and the computer in question is to be left unattended for any period, the IMA or SG user must lock the computer and screen before leaving it. • Any and all physical copies of personal data, along with any electronic copies stored on physical, removable media, should be stored securely in a locked filing cabinet, drawer, box or similar. • All electronic copies of personal data are to be stored securely using passwords which are changed regularly, and which do not use words or phrases that can be easily guessed or otherwise compromised. • Personal data must not be transferred to any device personally belonging to an IMA or SG employee or transferred or uploaded to any personal file sharing, storage, communication, or equivalent service (such as a personal cloud service). • Personal data may only be transferred to devices belonging to agents, contractors, or other parties working on behalf of the IMA or SG where t...

Information Sharing and Data Handling. 10.1 Along with a number of other stakeholders, the Parties are members of the Ayrshire and Arran Data Sharing Partnership, which is a group that ensures there are appropriate, high-level information sharing protocols in place to govern information sharing and data handling arrangements. The Parties have ratified the Ayrshire and Arran Protocol for Sharing Information (the “Protocol”). The Protocol provides a statement of principles on data sharing issues, and general guidance to staff on sharing information in relation to the Services.‌‌‌‌‌‌‌‌ 10.2 Within a month of the first meeting of the Integration Joint Board the Parties will request the Data Sharing Partnership extends an invitation to the Integration Joint Board to become a member and will invite the Integration Joint Board to be a party to the Protocol. Any reasonable amendments to the Protocol proposed by the Integration Joint Board will be considered through the Data Sharing Partnership. 10.3 The Parties acknowledge that the Protocol has been reviewed and revised to take into consideration the terms of the Act. 10.4 The Parties shall work together to ensure that the Protocol is reviewed on a two yearly basis and that as part of this process the views of the Integration Joint Board will be canvassed and considered. 10.5 The Parties have developed and agreed an information sharing agreement (the “Information Sharing Agreement”) to define the processes and procedures that will apply to sharing information for any purpose connected with the preparation of the Scheme, the preparation of a Strategic Plan or the carrying out of integration functions. Within a month of the first meeting of the Integration Joint Board, the Board will be invited by the parties to review the Information Sharing Agreement and become a party to it. 10.6 The Parties undertake to review the Information Sharing Agreement on an annual basis with the Integration Joint Board.

Information Sharing and Data Handling. 10.1 Fife Council, NHS Fife and the Fife IJB have developed and agreed an over- arching Information Sharing Agreement (ISA) which governs and supports the sharing of personal information between the Fife partner agencies. 10.2 The ISA utilises the templates and guidance provided in the Scottish Government’s information Sharing Toolkit, which was developed as a data sharing standard for public bodies. The Toolkit aligns with the Data Sharing Code of Practice published by the Information Commissioner and takes account of changes introduced through the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. 10.3 The ISA will be reviewed by the IJB every two years, or sooner if appropriate. 10.4 To support the ongoing integration of health and social care services, further data sharing agreements, work instructions and related guidance for practitioners will be developed as required together with relevant data processing agreements. This approach ensures that information sharing and processing arrangements will continue to meet both operational needs and the legislative requirements of the evolving external environment as the IJB is now a Category 1 Responder.