Information Sharing and Data Handling. 12.1 All information sharing and data handling arrangements relating to integrated services shall be in compliance with the DPA and the UK GDPR. 12.2 The Parties have agreed a supporting ISA in line with the Information Commissioner’s Office guidance on a staged basis of disclosure. This is now supporting an integrated approach to sharing information through the issue of a single shared information portal. 12.3 The Parties shall each ensure that its staff working within the Partnership shall be bound by a duty of confidentiality and are required to comply and adhere to each Party’s respective information governance and security policies and procedures of their employing organisations, including the requirements of the agreed ISA. 12.4 The Parties shall ensure that Information sharing arrangements, including any agreements, procedures and protocols in place between the Parties to enable the staff working within the Partnership to share such relevant information necessary are in place and such are reviewed annually or more frequently if required, by the Parties information governance leads. 12.5 The Parties shall ensure that Personal Data (as defined in the DPA) and Special Categories of Personal Data (as defined in the UK GDPR), is held in electronic and paper formats, and shall only be accessed by authorised staff who require to access for the purposes set out in the Act. 12.6 The Parties acknowledge that in order to provide fully integrated health and social care services, it will be necessary to share Personal Data of the person or people being supported by health and/or social care with external agencies not party to this Integration. In these instances, the relevant Party shall obtain the explicit consent of the Data Subject (as defined in the DPA), or their lawfully recognised representative, unless an overriding statutory requirement or exemption
Appears in 2 contracts
Sources: Integration Scheme, Integration Scheme