ScHARR Research Information Governance
ScHARR is home to world-leading health research. We are ranked 4th in the UK for the power of our research (quality and quantity).
It is essential that we manage the information we hold in an effective and secure way, in particular that which is personal or sensitive. Information governance (IG) encompasses a set of standards and guidance which describe how information should be handled.
You can view the roles, responsibilities and structure for information management governance at the University here www.sheffield.ac.uk/govern/data-protection.
The ScHARR Information Governance Committee is responsible for the creation, dissemination and implementation of information governance policies and processes which demonstrate that we can be trusted to maintain confidentiality and security. Information Governance (IG) is the way in which organisations (whether inside or outside the NHS) handle information, in particular that which is considered to be personal or sensitive.
Information is a vital asset, both in terms of the clinical management of individual patients and the efficient management of services and resources. It plays a key part in clinical governance, service planning and performance management.
NHS DIGITAL INFORMATION GOVERNANCE POLICY
The ScHARR Information Governance Policy applies to all those within ScHARR who receive, store, process or have any other form of contact with data collected for use in, or produced as a result of, research projects. As it's possible that anyone in the School will encounter sensitive information, all staff and students must have completed and passed the assessment in each section of the Information Security Training. This requirement includes Emeritus, Honorary, Visiting and short-term contract staff.
Your Section Lead or Deputy Section Lead should always be your first port of call. See the Information Governance committee membership list for contact details
Your information security training must be up to date to ensure you have access to all the relevant data, files, servers and systems for your work.
The Training link above will take you to an online learning page so you may need to enter your University Username and password. Please complete these five sections of the training:
- PROTECTING INFORMATION
- PROTECTING PERSONAL DATA
- PROTECTING RESEARCH DATA
- ScHARR - INFORMATION GOVERNANCE
- CYBER SAFETY
Please also see the Mandatory and Recommended Training for ScHARR Staff page for links to other research-related information governance training.
If you need or would like extra, more detailed security training please contact the Committee.
- Data security when working at home or off-campus
- Using Qualtrics for ScHARR-based projects
- Overdue training renewal
- Data destruction
- IG spot checks
- IG Learning needs analysis strategy
- Setting up and using a VPN link to work off-campus
- Management of ScHARR resources on the University shared filestore (typically mapped as the “X: drive”)
- Setup and use of Virtual Machines for risk-bearing data process
- Routine maintenance of ScHARR resources on University Departmental Storage
- Information Asset Owner (IAO) for ScHARR NHS DSPT assured projects
- Process for projects using the Data Security and Protection Toolkit (DSPT) as the security assurance