Clinical and Information Governance Solutions for Healthcare

Solutions

TCF

MiFID

KYC

Healthcare

Mobile Usage

Job Descriptions and Occupational Standards

The Recording and Processing of Minutes

Health & Safety Policies and Procedures

eLearning

International Standards

Top Downloads

Documents

jComply Brochure

jComply Accident and Incident
Management

Data Sheets

TCF

Healthcare

Articles

The Legal Minefield of Data
Protection, 1st October 2009

Changing Science in Compliance
21 January 2009

Case Study

RK Healthcare Services
Case Study

Central Markets Case Study

Smooth Pharmaceuticals
Case Study

What is Clinical Governance?
Clinical governance states that organizations and individuals are required to abide by the standards and continuously improve the quality of healthcare.

An independent healthcare provider is assessed against approximately 32 core standards and a range of service-specific standards. The standards cover basic requirements for the healthcare providers to practice, ranging from ensuring that employees are appropriately recruited and receive adequate training to ensuring that medical equipment is decontaminated properly.

The Healthcare Commission has launched a new web service which will provide information about the performance of independent hospitals, mental health units and independent sector treatment centres. People will be able to search the information by provider name or by post code, as well as by standard.

What is Information Governance?
Information governance allows NHS and Social Care organizations and individuals to ensure that personal information is handled legally, securely, efficiently and effectively, in order to deliver the best possible care. It also enables organizations to put in place policies and procedures for the archival and retrieval of their corporate records and to achieve compliance with corporate governance standards.

What are Standards and Practices that make up IG?
Standards and practices that make up Information Governance are:

Data Protection Act 1998
Confidentiality NHS Code of Practice
International Information Security Standard ISO/IEC 27002:2007, formerly 17799:2005
Information Security NHS Code of Practice
Records Management NHS Code of Practice
Freedom of Information Act 2000

Information Security Management in Health Using ISO/IEC 27002
ISO 27799 is an information security standard developed by the International Organisation for Standardisation (ISO). Its title is Health Informatics - Information Security Management in Health Using ISO/IEC 27002. The purpose of ISO 27799 is to provide guidelines to healthcare organisations and other institutes that hold personal health related information on how to protect such information through the implementation of ISO/IEC 27002

This security standard can be applicable to any information related to personal health. This information can be in the form of words and numbers, sound recordings, drawings, video and medical images or any other form. Doctors, clinics, hospitals and all other healthcare institutes are required to protect this information no matter how it is stored (printing or writing on paper or electronic storage) and whatever means used to transmit it (by hand, via fax, over computer networks or by post), the information must always be appropriately protected.

ISO 27799:2008 specifies a set of detailed controls for managing health information security and provides health information security best practice guidelines. By implementing this International Standard, healthcare organisations and other custodians of health information will be able to ensure a minimum requisite level of security that is appropriate to their organisation's circumstances and that will maintain the confidentiality, integrity and availability of personal health information.

What are the consequences of non-compliance?
Organisations spend time and money on implementing their systems, training their staff on industry standards and practices and ensuring that they do not breach patient/service user rights. If the organisation does not have systems in place to comply with the above policies and procedures, they are likely to break the law. Not only that, if an organisation does not comply with the NHS Connecting for Health’s Statement of Compliance (SoC), it will not be able to receive access to the N3 network and/or NHS Connecting for Health Digital Services.

How Tabaq Software can help you
jComply makes it possible for companies to create policies based on external standards and practices such as Data Protection Act 1998 and disseminate them to their employees. Our system also provides a document management module which helps create a document, version control it, encrypt it, compress it and then archive it. The training module in the system can help the compliance managers in creating multiple choice tests which can be published to the end users for evaluation. The system automatically maintains an audit trail which can show an auditor or a compliance manager an entire chain of events. All in all, jComply goes full circle and can help a company achieve its desired compliance ratio for a regulation.

To read more about jComply visit, jComply page.