Information Governance: Themes from incidents

The Information Commissioners Office (ICO) is the UK's independent body set up to uphold information rights. Their role is to uphold information rights in the public interest.

The graph shows the top two types of incidents reported to the ICO in the first six months of the financial year 2018/19 that relates to all UK health services.

For the Trust, the top types of incidents reported to our Information Governance team (via DATIX) are of the same themes - the accidental disclosure of personal data and the security of data. 

The top three themes for DATIX incidents reported at EEAST are:

  • Loss of paper patient care records (PCRs)
  • Referrals being sent to the incorrect GP or Social Service
  • CAD Risk markers being wrongly applied or no longer applicable.

So how can we all help reduce the risks to personal data?

Loss of paper PCRs

  • The increased use of ePCR will reduce the number of paper records, which in turn, reduces the likelihood of loss.
  • Placing the completed forms in the appropriate envelope and following the PCR policy will also ensure that the risk of loss is reduced.

Referrals being sent to the incorrect GP or Social Service

  • When making a referral through SPOC ensure that you have accurate details of the patient you are making the referral for.
  • Before submitting referrals, it is essential that all call centre staff take care to ensure that they have double check the details they have been given and selected the correct information from the systems used.

CAD Risk Markers

  • Reasons for CAD markers are many and varied, and often need to be selected in a time critical arena.  The utmost care needs to be taken when selecting a CAD marker and applying it. 
  • The checking and rechecking of data is essential
  • Taking timely action if an incorrect marker has applied.

Dealing with data in the varied situations our staff find themselves in is challenging. The IG team understand these challenges and are happy to work with staff to overcome these challenges and reduce the risks of data breaches.  If you believe that a data breach has occurred, please raise a DATIX so that appropriate action can be taken.

Information Governance workshops

We have several workshops for Information Asset Owners and administrators taking place this year and have just added some extra dates. If you would like to book a place, please contact the IG Team at

- Tuesday, 2nd April 2019, Bedford

- Thursday, 4th July 2019, Melbourn

- Tuesday, 10th September 2019, Melbourn

- Tuesday, 22nd October 2019, Bedford

- Tuesday, 3rd December 2019, Norwich

Published 8th March, 2019

Leave a Comment
Name (required)
Email Address (required, never displayed)
Enter a message

(all comments are moderated - your submission will be posted on approval.)