New guidance to improve patient safety and strengthen safeguards around the use of personal health information has been published today by the Health Information and Quality Authority (HIQA).

Information plays a vitally important role in the delivery of a safe and effective health and social care system. HIQA’s Guidance on information governance for health and social care services in Ireland has been developed to support senior managers working in health and social care.

Professor Jane Grimson, Director of Health Information and Deputy Chief Executive of HIQA, said: “The timely availability of good quality information is vital to the delivery of a modern safe and effective health and social care system whether the information is being used to deliver care, make clinical decisions, for quality improvement, or for planning. It is critical that appropriate governance arrangements are in place to assure the quality of the information, that it is appropriately used and that the privacy of service users’ information is protected.”

There have been a number of high profile data protection breaches in the Irish health service in recent years. This guidance is aimed at helping healthcare professionals to improve how the health service handles patient information, and it provides practical examples on how to help prevent breaches from happening.

“Information about patients is needed to support care delivery in many ways, such as making decisions on appropriate care or generating alerts if the patient’s condition gives cause for concern. This is why information must accompany patients as they move through the system, otherwise critical decisions on their care run the risk of being made based on incomplete or inaccurate information,” Professor Grimson said.

The guidance also provides detailed direction on how good information governance will support health and social care providers become compliant with the new requirements under the National Standards for Safer Better Healthcare.

It is vitally important to have appropriate management structures in place to support information governance. Governance and management structures support good information governance practices by:

• setting out the service’s accountability arrangements for information governance as part of its overall governance structures so that all staff and management are aware of their responsibilities
• supporting staff, including managers and clinicians, to do the right thing or make the right decision at the right time
• embedding a culture of good information governance throughout the service
• promoting and supporting continuous improvements in the delivery of quality, safe and reliable health and social care services.

Professor Grimson continued: “The effective use of information, and particularly the sharing of information, ensures that patients trust that their information will be used appropriately and that their privacy will be protected. Equally health and social care professionals must have confidence in the quality of that information. Such trust can only exist if the quality of the information is assured and personal health information is protected from unauthorised disclosure.

“Most members of staff in the health and social care services have responsibility for handling personal health information in some capacity. This guidance is aimed at helping them to meet their obligations and duty of care to their patients and other service users.”

Further Information: 

Marty Whelan, Head of Communications and Stakeholder Engagement, Health Information and Quality Authority, 01 814 7481/ 086 244 7623/ mwhelan@hiqa.ie

Notes to the Editor: 

• This guidance is the first in a series of guidance documents from HIQA aimed at supporting the successful implementation of the National Standards for Safer Better Healthcare published by HIQA in June 2012 and mandated by the Minister for Health.
• The National Standards are structured around 8 themes for quality and safety. Theme 8 of the National Standards, Use of Information, identifies that quality information is an important resource for service providers in planning, managing, delivering and monitoring high quality and safe services.
• What is personal health information?
  Data can be defined as raw facts and statistics before they have been organised or put into context. Once data are collated and analysed to produce something useful, they then become information. Personal health information is defined as information, recorded in any form or medium, which is created or communicated by an organisation or individual relating to the past, present or future care of an individual or cohort.
• What is information governance?
  Information governance provides a means of bringing together all the relevant legislation, guidance and evidence-based practice that apply to the handling of information and offers a consistent way for people working in health and social care to deal with the many different legal provisions, guidance, and professional codes of conduct that apply to handling personal health information.
• What is privacy?
  In the context of health and social care, privacy can be defined as the right of individuals to prevent information about them from being disclosed and service providers, as data controllers, are obliged to uphold this right.