Information governance is a means of ensuring that all data, including personal information, is handled in line with relevant legislation, guidance and evidence-based practices. Information must be collected in a manner that is fair, secure and respects the privacy of all data subjects. This includes people who participate in surveys of health and social care, as well as any other individuals, whose data may be received as part of a survey, for example a family member, carer or healthcare professional.
Before carrying out a survey, a Data Protection Impact Assessment or DPIA, must be carried out. The DPIA will identify data privacy risks when conducting a survey and the controls that will be put in place to reduce those risks. Identifying risks and introducing controls to reduce those risks will ensure that organisations meet their information governance requirements.
In this podcast, the HSE’s June Bougler interviews Donnacha O’ Ceallaigh from the National Care Experience Programme. Donnacha talks about the five steps that the National Care Experience Programme take to complete DPIAs and the importance of carrying them out before each survey.
Donnacha also refers to helpful resources such as the HIQA’s Privacy Impact Assessment (PIA) Toolkit and Threshold Assessment, which can be found here, and the National Care Experience Programme’s summary reports of their DPIAs, which can be found here.