NHS Connecting for Health ceased to exist on 31st March 2013. This website is therefore not being updated. For up to date information about systems and services visit the Health and Social Care Information Centre website at www.hscic.gov.uk/systems

You are here: Home Services & Applications Information Governance (IG) Information Governance FAQs

Information Governance - frequently asked questions

What is Information Governance?

Information Governance provides a framework to bring together all the legal rules, guidance and best practice that apply to the handling of information, allowing:

  • implementation of central advice and guidance;
  • compliance with the law;
  • year on year improvement plans.

At its heart, Information Governance is about setting a high standard for the handling of information and giving organisations the tools to achieve that standard. The ultimate aim is to demonstrate that an organisation can be trusted to maintain the confidentiality and security of personal information, by helping individuals to practice good information governance and to be consistent in the way they handle personal and corporate information.  

There are many different standards and legal rules that apply to information handling, including:

  • The Data Protection Act 1998.
  • The common law duty of confidence.
  • The Confidentiality NHS Code of Practice.
  • The NHS Care Record Guarantee for England.
  • The Social Care Record Guarantee for England.
  • The international information security standard: ISO/IEC 27002: 2005.
  • The Information Security NHS Code of Practice.
  • The Records Management NHS Code of Practice.
  • The Freedom of Information Act 2000.

Due to the range and complexity of the standards and legal rules, the Department of Health has developed sets of information governance requirements, available in the IG Toolkit, which enable NHS and partner organisations to measure their compliance. The requirements cover all aspects of information governance including:

  • data protection and confidentiality;
  • information security;
  • information quality;
  • health / care records management;
  • corporate information.

A set of responses to frequently asked questions has been compiled from queries received via the Helpdesk and during IG events held by the IG Policy Team, and you may find the answer to your query within these responses.  If you can't find the answer you are looking for, queries about Information Governance can be addressed to the Helpdesk at exeter.helpdesk@nhs.net or on 0845 3713671 - Mon-Fri, 8am-5pm. 

There are also downloadable templates and model documents that may assist organisations when carrying out an IG Toolkit assessment. Please visit resources pack for these.