In addition DHSSPS has recently issued guidance in respect of the legal admissibility and retention of records electronically
|
|
- Sharlene Barton
- 6 years ago
- Views:
Transcription
1 Paper BSO 15/2011 ELECTRONIC DOCUMENT STORAGE 1. Purpose of this report The purpose of this report is to brief the Board on a proposal to move to a greater reliance on digital records for FPS payment systems and in particular the Dental, Pharmaceutical and Ophthalmic payment systems 2. Background Recent events relating to offsite storage of record have prompted a consideration by the BSO of the storage arrangements regarding its records and in particular payment claim form records in respect of some of the Family Practitioner Services. In addition, the expected cost pressures for the forthcoming CSR period requires a consideration as to how all costs can be reduced through the use of available technology. In addition DHSSPS has recently issued guidance in respect of the legal admissibility and retention of records electronically 3. Recommendation It is recommended that the Board: 1. Consider, comment and approve the paper 2. Agree the proposal that where possible 1 current payment records relating to pharmaceutical, dental or ophthalmic payments are maintained digitally subject to an initial period of six months storage Hugh McPoland Director of Human Resources and Corporate Services 21 January A Small number of manual invoices are still paid and will need to be stored. This equates to approximately 8-10 boxes per month.
2 Storage of records within the BSO and the potential move to digital storage of FPS payment documentation Introduction 1. Recent events relating to offsite storage of record have prompted a consideration by the BSO of the storage arrangements regarding its records and in particular payment claim form records in respect of Family Practitioner Services. In addition, the expected cost pressures for the forthcoming CSR period require a consideration as to how all costs, particularly Goods & Services costs, can be reduced. 2. Estimated costs 2 incurred in the storage of hard copy records are as follows: Pharmacy 22,732 PaLS 2,134 Medical 29,139 Human Resources 616 Ophthalmic 6,040 Legal 3 2,397 Dental 6,145 Finance 1, These costs are likely to change in forthcoming months as we move to a new provider and a new regional contract is negotiated by the Procurement and Logistics Service. 4. Notwithstanding the savings to be made in tender arrangements for storage costs, a further cost reduction strategy is to focus on the reduction of hard copy files and wherever possible to move to the use of digital records where appropriate. Current work processes and technology used would facilitate the introduction of digital storage for payments with almost immediate effect. This could save up to 34,917 in storage costs over the 7 year period. Substantial progress has been made in recent months to scan a number of FPS claim forms (dental/ophthalmic claims and prescriptions) and consideration can now 2 On the basis of current provider contact price 0.125per box 3 Legal are also charged storage per file per sq ft cost not included 2
3 be given to how we can comply with the requirements of all the standards and legislative instruments set out in the attached appendices and at the same time reduce our storage costs through the use of digitalised documents. 5. Hewlett Packard (HP) has advised that there is enough storage capacity (500gb) within the payment system for 3 years worth of images for dental & ophthalmic. 6. The Pharmaceutical system can hold approximately 18 months of images within the payment system and then they are archived to tape by HP. 7. Thereafter the images will need to be saved to disk or other digital format prior to disposal 4 in accordance with the disposal a schedule currently with PRONI for agreement. 8. Dental & Ophthalmic departments have scanned approximately 1,050,000 claims in the last calendar year. The Pharmaceutical department scanned approximately 20,000,000 claims in the last calendar year. The implementation of a policy to rely on digital records after six months would prevent the need to store originals off site and generate savings as set out above. 9. However, such a move to reliance on digital records requires careful consideration and the legal and governance standards are summarised in Appendices 1 and Immediately prior to the last Board meeting the DHSSPS issued a guidance note to HSC organisations on the issue of the legal admissibility and retention of electronic records.(appendix 3 refers) 11. Whilst clearly stating the records can be destroyed after being electronically scanned it sets out a number of the factors to be taken into account which include: the need to protect the evidential value of the record by copying and storing it in accordance with British Standard BIP 0008, the Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically, 4 It should be noted that DHSSPS has recently advised that no records are to be destroyed due to advice from PRONI. Further information will be provided at the Board meeting. 3
4 the need to consult PRONI in advance with regard to records which may have archival value, as the value may include the format in which it was created; and the costs of the initial and then any later media conversion to the required standard, bearing in mind the length of the retention period for which the records are required to be kept. 12. The guidance goes on to note that if a document is to be admissible in court, its authenticity must be beyond question. Whilst compliance with BIP 0008 does not guarantee legal admissibility it enables organisations to demonstrate that they are following best practice. BIP standards are set out in the DHSSPS guidance document Appendix 3 for ease of reference. 13. The Law Society has also issued guidance on this matter and extracts from it Risk are included in the DHSSPS document (Appendix 3) 14. There is a corporate risk that current hard copy records would be digitalised and then required for future legal cases where it may be necessary to present materials in court. However, in recent years there has been no experience in CSA or BSO of originals of the payment documents used for pharmaceutical, dental or ophthalmic payments being required in court and therefore it is suggested the risk of having to produce originals other than to deal with relatively immediate payment queries (6 months is suggested), is low. In other UK jurisdictions decisions have already been made to destroy hard copy FPS payment claim records after a period of six months, where a digital record is available. 15. It is therefore recommended that BSO moves to a position where; a. Whenever possible 5 current payment records relating to pharmaceutical, dental or ophthalmic payments are maintained digitally subject to an initial period of six months storage. 5 A Small number of manual invoices are still paid and will need to be stored. This equates to approximately 8-10 boxes per month. 4
5 b. originals of payment papers which are already held digitally are destroyed after a period of six months. a. Currently digital images are available as follows i. Pharmaceutical from March 2008 ii. Dental from December 2009 iii. Ophthalmic from November Following resolution of the current issues relating to the destruction of records per se, destruction of originals of these images will create an immediate saving of 1000 approx with recurring savings on a monthly basis as fewer records are placed in storage. Financial Consequences 16. In taking a phased approach to the digitalisation of paper records there will be no additional cost for the procurement of scanning machines which have already been procured and are in operation. 17. There may be a small expenditure in regard to the storage of digital images over a period of time but Hewlett Packard currently provide that storage as part of the contract and there are also appropriate back up arrangements in place. Other Considerations 18. Before finalising the decision to move to exclusive use and storage of digital versions of the FPS payment claim records after a 6 month period it is important to note that the scanning system currently ensures all images are indexed, referenced & fully traceable within the payment systems which will enable compliance with standards set out above and the requirements set out in The Lord Chancellor s Code of Practice on the Management of Records issued under section 46 of the Freedom of Information Act 2000 which states that a. The principal issues for the management of electronic records are the same as those for the management of any record. They include, for example the creation of authentic records, the tracking of records and disposal arrangements 6. 6 Source PRONI 5
6 b. Effective electronic record keeping requires i. a clear understanding of the nature of electronic records; ii. the creation of records and metadata necessary to document business processes: this should be part of the systems which hold the records; iii. the maintenance of a structure of folders to reflect logical groupings of records; iv. the secure maintenance of the integrity of electronic records; v. the accessibility and use of electronic records for as long as required (which may include their migration across systems); vi. the application of appropriate disposal procedures, including procedures for archiving; and vii. the ability to cross reference electronic records to their paper counterparts in a mixed environment. viii. In addition, Audit Trails must be provided for all electronic information and documents. 19. Consideration should be given to seeking formal accreditation of our record systems under the current standard BSI BIP 008 as well as the ISO standard for Records Management BS ISO It should be noted that the Records Management Policy of the Business Services Organisation already covers electronic record systems as stated in paragraph 2 a. It covers records in all formats electronic or paper, created collated, processed used, stored and/or disposed of in the course of BSO business. 21. It should be noted that a revised disposal schedule is currently with PRONI for agreement. 6
7 Recommendation The Board is asked to 22. Agree the proposal that where possible 7 current payment records relating to pharmaceutical, dental or ophthalmic payments are maintained digitally subject to an initial period of six months storage 23. Agee that the digital records be maintained in accordance with the current disposal arrangements wherein they would be disposed of after period of seven years and that steps are taken to allow current hard copy records in storage to be destroyed in accordance with the disposal schedule 8 subject to DHSSPS lifting the current moratorium on destruction of files. 24. There may be an opportunity in the future to scan the current stored documents but at present there is insufficient resource to apply to a comprehensive back scanning of these records. If this situation changes an appropriate business case will be developed. 7 A Small number of manual invoices are still paid and will need to be stored. This equates to approximately 8-10 boxes per month. 8 Following the removal of the current embargo on destruction of records expected in late February
8 Appendix 1 Background to storing of Records within BSO All Health and Personal Social Services (HPSS) records are public records under the terms of Public Records Act (Northern Ireland) The Act sets out the broad responsibilities for everyone who works with such records. The HSC also has a statutory duty to make arrangements for the safe keeping and eventual disposal of its records. This paper is designed to consider the need for continuing the use of paper records within key functions of the Business Services Organisation. The retention of records is governed by the DHSSPS Policy, Good Management, Good Records which sets out a number of standards which HSC organisations are expected to comply. It states that an effective records management service ensures that such information is properly managed and is available whenever and wherever there is a justified need for information, and in whatever media it is required to: support patient/client care and the continuity of care; support day-to-day business which underpins delivery of care; support sound administrative and managerial decision making, as part of the knowledge base for HPSS services; assist medical, social and other audits; support improvements in clinical and social care effectiveness through research and also support archival functions by taking account of the historical importance of material and the needs of future research; support the planning for and development of new services; and provide accountability. It also sets out what must be recorded? All work done (i.e. activity carried out or provided) by HPSS staff must be recorded and held in registered files. These files constitute the records of the organisation. Each file should make up a comprehensive record of what was done, how it was done and why. Files should also evidence any actions and decisions that were rejected and why. Prior to the implementation of Electronic Document and Records Management Systems approved by the National Archives (London) 2002, electronic records cannot be accepted as the definitive record. Generally, any item should be kept in a registered file that: contains information or work relating to a file subject; 8
9 shows the reasons why something has been accepted or rejected or why something has been done or not done; shows who was involved in the decision making or work done; contains financial papers, statistics, or treatment and care relating to the file subject; relates to the success or failure of any work or project associated with the file subject, or success or failure to meet targets, standards. The Code of Practice on the Management of Records under Section 46 of the Freedom of Information Act 2000 issued by the Lord Chancellor s Department (now called the Department of Constitutional Affairs) states that: 8.2 Records of a business activity should be complete and accurate enough to allow employees and their successors to undertake appropriate actions in the context of their responsibilities, to facilitate an audit or examination of the business by anyone so authorised; protect the legal and other rights of the authority, its clients and any other person affected by its actions; and provide authenticity of the records so that evidence derived from them is shown to be credible and authoritative. 9
10 Appendix 2 Legislative Requirements surrounding the Storage of Records Public Records Act (Northern Ireland) 1923 All HPSS records are public records under the terms of the Public Records Act (Northern Ireland) Chief Executives and senior managers of all HPSS organisations are personally accountable for records management within their organisation. They have a duty to make arrangements for the safe keeping and correct disposal (under the Disposal of Documents Order (Northern Ireland) 1925) of those records under the overall supervision of the Deputy Keeper of Public Records whose responsibility includes permanent preservation. Limitations (Northern Ireland) Order 1989 The Limitations (Northern Ireland) Order 1989 sets out the statutory provisions governing the time limits for bringing a claim against another. This means that records should be kept for as long as is necessary to facilitate the requirements of the Order. The main provisions of the Order are:- The limitation period for a claim based on contract is 6 years (Article 4). This is the rationale behind keeping invoices, etc for that length of time; The limitation period for a claim for personal injury caused by negligence is 3 years from the date of injury, or, if later, 3 years from the date of knowledge of the person injured. This date of knowledge is the date when the injured person first had knowledge that the injury was significant and attributable wholly or partly to the alleged negligence (Article 7); The limitation period for a person under legal disability (e.g. a person with learning disability ) is before the expiration of six years from the ate when the person ceased to be under a disability or died which ever event occurred first notwithstanding that the time limit has expired. The limitation period for a claim for negligence, not involving personal injury is 15 years (Article 12). An example of this would be the giving of negligent financial advice which caused economic loss rather than personal injury; The limitation period for actions founded on instruments under seal is 12 years (Article 15). Some agreements made by departments may well fall into this category; 10
11 The limitation period for actions to recover an interest in land is 12 years (Article 21). This period is extended to 30 years where the Crown is seeking to recover interest in land. There are some cases where the time limit is extended. All such information held by the BSO is also governed by the Data Protection, Freedom of Information and the Environmental Information Regulations. The DHSSPS guidance also sets out a retention and disposal schedule which has been agreed with the Public Records Office. In addition, all public organisations must comply with the NI Records Management Standard (NIRMS). An additional requirement is to ensure compliance with the Lord Chancellor s Code of Practice on the Management of Records issued under Section 46 of the Freedom of Information Act
12 Legal Admissibility and Retention of Records Electronically Issued By DHSSPS January 2011 Appendix 3 Background Good Management Good Records (GMGR), the Department s guidelines for Managing records in Health and Social Care Organisations in Northern Ireland issued in December 2004, defines the recommended minimum retention periods for such records and provides advice on how records should be managed. Technology has progressed since 2004, and organisations are implementing Electronic Document Records Management Systems (EDRMS) and scanning paper records unto such systems. GMGR is currently being revised and the guidance will reflect the current records management climate. Electronic Records Retention Regardless of the medium on which the records are kept, they are required to be authentic, reliable, useable complete and unaltered. The shift to electronic records has raised questions amongst records managers. The question most often asked is Can I destroy the original documentation once it has been scanned? The answer is yes as long as the correct process in committing your records to digital image is followed. The factors to be taken into account include: the need to protect the evidential value of the record by copying and storing it in accordance with British Standard BIP 0008, the Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically, the need to consult PRONI in advance with regard to records which may have archival value, as the value may include the format in which it was created; and 12
13 the costs of the initial and then any later media conversion to the required standard, bearing in mind the length of the retention period for which the records are required to be kept. If a document is to be admissible in court, its authenticity must be beyond question. Whilst compliance with BIP 0008 does not guarantee legal admissibility it enables organisations to demonstrate that they are following best practice. BIP 0008 The five principles of information management encapsulated in BIP0008 are: 1. Representation of Information An information management policy document should describe the different types of information held within the organisation and, for each type, specify: the level of security appropriate storage media formats and version control information management standards, e.g. quality retention and destruction policy responsibilities and roles for information management functions responsibilities for compliance with the BIP Duty of Care Organisations need to have in place: an awareness of the legislative and regulatory bodies pertinent to its industry; a chain of accountability and defined responsibility for activities involving electronic document records management at all levels; a system to keep up to date with information management theory and practice; and 13
14 a documented information security policy. 3. Business Procedures and Processes Organisations should have a user manual for each of it s information management systems. The manual is the document that the organisation will produce, if it's electronic storage methods are ever challenged, to prove to auditors, lawyers or judges that the processes are precise, secure and approved for its normal business procedures. The user manual will typically define the following: Document types Preparation of documents prior to scanning Photocopies Batch control Scanning processes Scanning specific documents Image Processing Compression Techniques How information is indexed Quality control Procedures for producing authenticated output Procedures for authenticating copies of documents How information is transmitted within the system Procedures for document retention and destruction System maintenance schedules Security and protection, including encryption and the use of digital certificates; Backup and system recovery procedures Use of bureau services Workflow Date/time stamping Version control 14
15 BIP 0008 insists that the procedures and processes be audited annually, or more frequently for legally sensitive archives, to make sure that the approved procedures are being observed or that new ones meet the requirements and are formally and properly incorporated in the manual. 4. Enabling Technologies A typical system will be comprised of many different technologies, each of which need to comply with BIP0008. These technologies include: storage media access control mechanisms system and data integrity image processing compression techniques compound documents data migration document deletion 5. Audit Trails BIP0008 requires that a system must have full auditing functionality. Without detailed audit trails authenticating a document, and therefore satisfying a legal body, may not be possible. The audit trail, as a minimum, should log details of each significant event in the life of a document in the system. The audit trail should: be generated automatically by the system; contain date/time stamps for each event; be non-alterable; be stored in accordance with the organisation s information management policy; be subject to appropriate access control; and be securely stored and backed-up. 15
16 Transfer of Electronic Records to PRONI PRONI is currently undertaking a project that will result in the establishment of a trusted digital repository capable of ingesting digital records. The work is currently at the detailed planning stage with PRONI and consultants working to produce a Business Case setting out the requirements and resources needed. The aim of the Business Case is to have the appropriate resources and infrastructure in place and running by December Until the digital repository has been established at PRONI, records deemed suitable for transfer for permanent preservation should be managed by the originating organisation. As such the records should be maintained in live servers/environments until transfer can take place. Those records not found worthy of permanent preservation should be destroyed as soon as their business need comes to an end. PRONI have advised that the final actions described in the disposal schedule in Part 2 of GMGR should be applied to both electronic and paper records. The creation of disposal schedules within an Electronic Document Records Management System may need to be assessed to ensure their operational viability. The transfer of electronic records from organisations to PRONI will be governed by a set of policy documents, including a digital preservation strategy that will be made available on the PRONI website, 16
17 Organisations who have already implemented electronic record keeping systems should contact PRONI for the advice and guidance required to plan for the transfer of records. 17
18 Law Society Guidance Annex The Law Society carries guidance with regard to legal admissibility of electronically stored documents in its publication: Guidance ownership, storage and destruction of documents. Extracts of this taken from the cabinet office website are as follows: Can I store documents photographically or electronically, and destroy the originals? Original documents, such as deeds, guarantees or certificates, which are not your own property, should not be destroyed without the express written permission of the owner. Where the work has been completed and the bill paid, other documents, including your file, may be stored, for example, on a CD ROM, computer system or microfilm and then destroyed after a reasonable time. In cases of doubt the owner s written permission should always be sought. If it is not possible to obtain such permission you will have to form a view and evaluate the risk. When seeking owners permission to microfilm or store data electronically and destroy documents, you may wish to reserve the right to make a reasonable charge for preparing copies if they are later requested. What is the evidential value of a photographically or electronically stored document where the original has been destroyed? There is a dearth of judicial authority on this topic and, until the law and practice on the subject of microfilmed or electronically stored documents are clarified, it is only possible to provide general guidelines. The Society has been advised that: (a) A microfilm of any document in a solicitor s file will be admissible evidence to the same extent, no more and no less, as the document itself, provided that there is 18
19 admissible evidence of the destruction of the document and identification of the copy. (b) Written evidence of the destruction of the original and of identification of the copy will enable the microfilm to be adduced in subsequent civil proceedings (under the Civil Evidence Act 1968) and in criminal proceedings (under the Police and Criminal Evidence Act 1984). What procedures would the Society recommend where an original document is stored electronically or photographically and then the original is destroyed? (a) Written evidence of the destruction of the original and of identification of the copy must always be preserved in case oral evidence is no longer available when needed (b) There should be a proper system for: (i) identifying each file or document destroyed; (ii) recording that the complete file or document, as the case may be, has been photographed; (iii) recording identification by the camera operator of the negatives as copies of the documents photographed; and (iv) preserving and indexing the negatives. (c) If a microfilm, electronically or photographically stored data is required to be produced in evidence, a partner or senior member of staff should be able to certify that: (i) the document has been destroyed; (ii) the microfilm, electronically or photographically stored data is a true record of that document; and (iii) the enlargement is an enlargement of the microfilm, electronically or photographically stored data. (d) Microfilm copies of some documents (e.g. coloured plans) can be unsatisfactory, in which case the originals should be preserved. With regard to point 8 (d) above - the scanned images are colour where necessary so that the evidential weight of colour plans and photographs are maintained in electronic format. 19
NHS SOUTH DEVON AND TORBAY CLINICAL COMMISSIONING GROUP INFORMATION LIFECYCLE MANAGEMENT POLICY
NHS SOUTH DEVON AND TORBAY CLINICAL COMMISSIONING GROUP INFORMATION LIFECYCLE MANAGEMENT POLICY Version Control Version: 2.0 dated 17 July 2015 DATE VERSION CONTROL 04/06/2013 1.0 First draft of new policy
More informationRecords Management Policy
Records Management Policy Responsible Officer Author Business Planning & Resources Director Corporate Office Date effective from December 1999 Date last amended December 2015 Review date October 2018 1
More informationInformation Governance and Records Management Policy March 2014
Information Governance and Records Management Policy March 2014 Approving authority: Secretary s Board Consultation via: Secretary's Board Information Governance and Security Group Approval date: 4 March
More informationRecords Disposal Schedule Charles Darwin University Procurement Services Charles Darwin University
Records disposal schedule Records Disposal Schedule Charles Darwin University Procurement Services Charles Darwin University Disposal Schedule No. For information and advice, please contact Department
More informationScanning Documents Policy
Scanning Documents Policy Reference No: Version: 3 Ratified by: P_IG_11 LCHS Trust Board Date ratified: 12 th September 2017 Name of originator/author: Name of approving committee/responsible individual:
More informationFreedom of Information: Guide to information available from Brentford School for Girls under the Model Publication Scheme
Freedom of Information: Guide to information available from Brentford School for Girls under the Model Publication Scheme Freedom of Information Act publication scheme for academies This generic model
More informationRecords Management Plan
Records Management Plan October 2014 1 2 Document control Title The Scottish Funding Council Records Management Plan Prepared by Information Management and Security Officer Approved internally by Martin
More informationDate: INFORMATION GOVERNANCE POLICY
Date: INFORMATION GOVERNANCE POLICY Information Governance Policy IGPOL/01 Information Systems Corporate Services Division March 2017 1 Revision History Version Date Author(s) Comments 0.1 12/12/2012 Helen
More information1. Each employee is responsible for managing college records in a responsible and professional manner.
Policy O-6.2 Approved By: College Executive Team Approval Date: February 26, 2003 Amendment Date: November 25, 2009 Policy Holder: VP Administration Purpose / Rationale RECORD MANAGEMENT The purpose of
More informationUNIVERSITY OF SUNDERLAND STANDING ORDERS TENDERING AND CONTRACT PROCEDURES
UNIVERSITY OF SUNDERLAND STANDING ORDERS TENDERING AND CONTRACT PROCEDURES Finance and Development Committee Revised February 2010 UNIVERSITY OF SUNDERLAND STANDING ORDERS ON TENDERING AND CONTRACT PROCEDURES
More informationElectronic invoicing (e-invoicing)
www.pwc.ch Electronic invoicing (e-invoicing) A guide for organisations and institutions Electronic invoicing (e-invoicing) 1 What s it all about? This is a guide to help people who manage organisations
More informationGuidance on the Application. of ISO / IEC Accreditation International Association for Certifying Bodies
Accreditation International Association for Certifying Bodies Guidance on the Application of ISO / IEC 17020 Guidance on the Application of ISO/IEC 17020 Page 1 of 16 Introduction This guidance document
More informationThomson House School Freedom of Information Policy
Thomson House School Freedom of Information Policy Agreed by: Finance and General Purposes Committee Date: January 2017 Review Cycle: Annual Next Review Date: January 2018 1 Freedom of Information Act
More informationRecords management policy. Document author Assured by Review cycle. Audit and Risk Committee. 1. Introduction Purpose or aim Scope...
Records management policy Board library reference Document author Assured by Review cycle P017 Head of Compliance Audit and Risk Committee 3 Years This document is version controlled. The master copy is
More informationTerms of Reference. Quality and Value Audits
Terms of Reference Quality and Value Audits Table of Contents SECTION 1 General 3 1.1 Introduction 3 1.2 Statutory authority 3 1.3 Purpose and Scope 4 SECTION 2 Methodology 6 2.1 The audit programme 6
More informationData Protection/ Information Security Policy
Data Protection/ Information Security Policy Date Policy Reviewed 27 th April 2016 Date Passed to Governors: 27 th April 2016 Approved by Governors: 7 th June 2016 Date of Next Review: June 2018 Data Protection
More informationCloud Computing Policy and Guidelines Release: 1.51
Cloud Computing Policy and Guidelines Release: 1.51 1. Introduction This document sets out the College s policy for the use of cloud computing services, also known as cloud computing, cloud services or
More informationCorporate Governance in the NHS. Code of Conduct Code of Accountability
Corporate Governance in the NHS Code of Conduct Code of Accountability Contents Code of Conduct for NHS Boards Public Service Values... 2 General Principles... 2 Openness and Public Responsibilities...
More informationElectronic invoicing (e-invoicing)
www.pwc.ch Electronic invoicing (e-invoicing) A guide for organisations and institutions Electronic invoicing (e-invoicing) 1 What s it all about? This is a guide for decision-makers and project leaders
More informationHumber Information Sharing Charter
External Ref: HIG 01 Review date November 2016 Version No. V07 Internal Ref: NELC 16.60.01 Humber Information Sharing Charter This Charter may be an uncontrolled copy, please check the source of this document
More informationAGS 10. Joint Audits AUDIT GUIDANCE STATEMENT
AUDIT GUIDANCE STATEMENT AGS 10 Joint Audits This Audit Guidance Statement was approved by the Council of the Institute of Singapore Chartered Accountants (formerly known as Institute of Certified Public
More informationSafeguarding Adults Case File Audit. Policy, Procedure and Practice
Safeguarding Adults Case File Audit Policy, Procedure and Practice 1 CONTENTS CONTENTS PAGE PARAGRAPH POLICY 4 1.0 Introduction Definitions Principles of Conducting Audits Recording Standards Aims and
More informationAnnexure B Section 22
Annexure B Section 22 Accreditation of Audit Firms, Reporting Accountants, Reporting Accountant Specialists and IFRS Advisers to provide accounting and/or advisory services to applicant issuers Scope of
More informationStellenbosch University Records Management Policy
Stellenbosch University Records Management Policy Reference number of this document POL-001-2016 HEMIS classification Purpose To maintain, protect, retain and dispose of records in accordance with fiscal,
More informationData protection (GDPR) policy
Data protection (GDPR) policy January 2018 Version: 1.0 NHS fraud. Spot it. Report it. Together we stop it. Version control Version Name Date Comment 1.0 Trevor Duplessis 22/01/18 Review due Dec 2018 OFFICIAL
More informationCode of Governance of Irish Institutes of Technology January 2012
Code of Governance of Irish Institutes of Technology January 2012 Code of Governance of Irish Institutes of Technology- as amended to reflect 2009 Code of Governance for State Bodies 2 Governance of Irish
More informationSection 22. Scope of section. Accreditation. Eligibility Criteria
Section 22 Accreditation of Audit Firms, Reporting Accountants, Reporting Accountant Specialists and IFRS Advisers to provide accounting and/or advisory services to applicant issuers Scope of section The
More informationMS Society Disclosure policy and procedure - Scotland
MS Society Disclosure policy and procedure - Scotland Disclosure policy 1 Purpose and scope 1.1 The objectives of this policy and procedure are to ensure: the vulnerable groups who use our services and
More informationINFORMATION AND RECORDS MANAGEMENT POLICY
INFORMATION AND RECORDS MANAGEMENT POLICY Section University Management Contact Information and Records Management Last Review October 2017 Next Review October 2020 Approval SLT 17/10/151 Purpose: To provide
More informationIntroduction GUIDELINES FOR THE SELECTION OF AN ELECTRONIC DOCUMENTS AND RECORDS MANAGEMENT SYSTEM
PURPOSE The electronic information landscape is growing rapidly, and school boards/authorities in the Province of Ontario are challenged with finding effective ways to manage electronic documents and records.
More informationLEVEL 4. Foundation Diploma in Purchasing and Supply. Senior Assessor s Report. Nov Developing Contracts in Purchasing and Supply L4-02
Foundation Diploma in Purchasing and Supply Developing Contracts in Purchasing and Supply L4-02 LEVEL 4 Senior Assessor s Report Nov 2008 L4-02 SA report/nov 2008 1 INFORMATION FOR CANDIDATES The senior
More informationGovernment of Rwanda records and archives management policy
The East African Community EAC IRC Repository http://repository.eac.int Republic of Rwanda Strategies/ Policy Frameworks 2012-09 Government of Rwanda records and archives management policy Republic of
More informationStudy Files and Filing
Study Files and Filing The current version of all Hillingdon Hospital R&D Guidance Documents and Standard Operating Procedures are available from the R&D Intranet and Internet sites: www.ths.nhs.uk/departments/research/research.htm
More informationNHS Lambeth Clinical Commissioning Group Constitution
NHS Lambeth Clinical Commissioning Group Constitution Our mission is to improve the health and reduce health inequalities of Lambeth people and to commission the highest quality health services on their
More informationNHSLA Risk Management Standards for NHS Trusts Providing Community Services 2011/12
NHSLA Risk Management Standards for NHS Trusts Providing Community Services 2011/12 Milton Keynes Primary Care Trust Provider of Community and Mental Health Services Level 1 May 2011 Contents Page 1: Executive
More informationAligning Records Management with ICT/ e-government and Freedom of Information in East Africa
Aligning Records Management with ICT/ e-government and Freedom of Information in East Africa James Lowry and Anne Thurston, International Records Management Trust Abstract This paper provides an overview
More informationGE/GN8640. Risk Evaluation and Assessment. Guidance on Planning an Application of the Common Safety Method on. Rail Industry Guidance Note
GN Published by: Block 2 Angel Square 1 Torrens Street London EC1V 1NY Copyright 2014 Rail Safety and Standards Board Limited GE/GN8640 Method on Risk Evaluation and Assessment Issue One; June 2014 Rail
More informationARTICLE 29 Data Protection Working Party
ARTICLE 29 Data Protection Working Party 05/EN WP108 Working Document Establishing a Model Checklist Application for Approval of Binding Corporate Rules Adopted on April 14 th, 2005 This Working Party
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 20/04/2016 HSCIC Audit of Data Sharing
More informationBuilding Regulations and fire safety: procedural guidance
Building Regulations and fire safety: procedural guidance Contents Foreword...2 Terminology...4 Section 1 - Introduction...5 What Legislation Applies...5 Building Regulations...5 Fire Precautions Act 1971...5
More informationRECRUITMENT CODE. Ensuring appointment on merit & safeguarding ethics. (Revised January 2017) StaVersion: One July 2009
RECRUITMENT CODE April 2012 () Ensuring appointment on merit & safeguarding ethics ROOM 105, STORMONT HOUSE, STORMONT ESTATE,, BELFAST, BT4 3SH t. 028 9052 3599 www.nicscommissioners.org StaVersion: One
More informationINTERREG IVA Programme. Guidance Note on Procurement and Tendering G4/IIVA
INTERREG IVA Programme Introduction Guidance Note on Procurement and Tendering G4/IIVA This guidance note sets out the procurement processes and thresholds in relation to projects funded in the INTERREG
More informationFreedom of Information (FOI) Policy
Freedom of Information (FOI) Policy Subject Freedom of Information Act (2000) Policy number Tbc Approved by Trust Executive Group Date approved March 2015 Version 2 Policy owner Director of Communications
More informationPart 1 Introduction to the Cooperative Council Constitution
Part 1 Introduction to the Cooperative Council Constitution Contents 1- The Constitution... 11 2 - The Council s Cooperative Ambition... 12 3 Councillors... 14 4 The rights of the public... 17 5 Decision
More informationPublic authorities under the Freedom of Information Act
ICO lo Public authorities under the Freedom of Information Act Freedom of Information Act Contents Public authorities under the Freedom of Information Act... 1 Overview... 2 What FOIA says... 2 Schedule
More informationForeword 3. Terminology 5
CONTENTS Foreword 3 Terminology 5 Section 1 Introduction 7 What Legislation Applies 7 The Division Of Responsibility 8 Building Regulations Compliance In General 9 Risk Assessment and The Workplace Fire
More informationCENTRAL BANK OF CYPRUS
GUIDELINES TO BANKS ON THE APPROVAL PROCESS OF THE INTERNAL RATINGS BASED (IRB) AND THE ADVANCED MEASUREMENT (AMA) APPROACHES FOR THE CALCULATION OF CAPITAL REQUIREMENTS APRIL 2007 TABLE OF CONTENTS 1.
More informationSA 230 Audit Documentation SA 300 Planning an Audit of FS
ICAI YMEC & AASB Hosted by WIRC of ICAI Workshop on Auditing Standards SA 230 Audit Documentation SA 300 Planning an Audit of FS 22 nd November 2014 Disclaimer These are my personal views and can not be
More informationData Protection Policy
THE CIPPENHAM SCHOOLS TRUST Data Protection Policy *Date for revision: Summer Term 2018 Responsibility for policy: Responsibility for operational: Trustees Trustees Reviewed by Directors: *subject to any
More informationKENYA TRADE NETWORK AGENCY VACANCY ANNOUNCEMENT
KENYA TRADE NETWORK AGENCY VACANCY ANNOUNCEMENT The Kenya Trade Network Agency (KenTrade) is a State Corporation under the National Treasury whose mandate is to implement, operationalize and manage the
More informationData Protection. Policy
Data Protection Policy Why do we need this policy? What does the policy apply to? Which parts of SQA are affected? SQA is committed to adopting best practice in protecting the personal information of all
More informationDePaul University Records Management Manual October 1, 2016
Records Management Manual October 1, 2016 A Note from the Director October 1, 2016 Dear Community Member, On behalf of the Department of Records Management, I welcome you to our vibrant community. As the
More informationEwyas Harold Group Parish Council. Freedom of Information Policy
Ewyas Harold Group Parish Council Freedom of Information Policy The Parish Council Model Publication Scheme follows this policy. This scheme will enable members of the public to view and access information
More informationData Protection Act 1998 Employee Fair Processing Notice
Data Protection Act 1998 Employee Fair Processing Notice Reference: Document Type: Status of Document: Policy Final Version: 1.3 Date Approved: 16 th December 2014 Approved By: Director of HR & OD Publication
More informationON ARM S LENGTH. 1. Introduction. 2. Background
ADVICE FOR COUNCILLORS ON ARM S LENGTH EXTERNAL ORGANISATIONS 1. Introduction 1.1 This Advice Note, issued by the Standards Commission for Scotland (Standards Commission), aims to provide councillors with
More informationProcurement Document
Procurement Document (Dynamic Purchasing System) Application to enter Community Health Improvement Services Dynamic Purchasing Services Dynamic Purchasing System Dorset County Council, Dorset Procurement,
More informationWork Health and Safety Management Systems and Auditing Guidelines
Work Health and Safety Management Systems and Auditing Guidelines 5th edition, September 2013 (Updated May 2014) Work Health and Safety Management Systems and Auditing Guidelines These Guidelines are a
More informationProcurement Procedure. (Standard Operating Procedure)
Procedure (Standard Operating Procedure) Procedure Policy : Executive Summary: Policy The Procedure provides guidance on the appropriate procurement process to all Trust Staff and Budget Holders involved
More informationCUSTOMER AND SUPPLIER ROLES AND RESPONSIBILITIES FOR 21 CFR 11 COMPLIANCE ASSESSMENT. 21 CFR Part 11 FAQ. (Frequently Asked Questions)
21 CFR Part 11 FAQ (Frequently Asked Questions) Customer and Supplier Roles and Responsibilities for Assessment of METTLER TOLEDO STARe Software Version 16.00, including: - 21 CFR 11 Compliance software
More informationAppendix G. Process For Protection of Proposal Information For 2016 Request For Proposals For Long-Term Renewable Generation Resources
Process For Protection of Proposal Information For 2016 Request For Proposals For Long-Term Renewable Generation Resources Entergy Arkansas, Inc. May 26, 2016 APPENDIX G PROCESS FOR PROTECTION OF PROPOSAL
More informationCapability health procedure for academic support staff
Capability health procedure for academic support staff Policy The School's policy in relation to sickness absence is to support employees by paying sick pay and investigating absence in conjunction with
More informationHuman Resources People and Organisational Development. Disciplinary Procedure Manual Staff
Human Resources People and Organisational Development Disciplinary Procedure Manual Staff December 1998 Revised November 2015 Contents 1. Purpose and Scope... 3 2. General Principles... 3 3. Procedure...
More information1.0 Rationale. 2.0 Intention. 3.0 General Principles. 4.0 Guidance, Procedures & Tactics. 5.0 Challenges & Representations
Policy Title MoPI Review, Retention and Disposal Policy CCMT Sponsor Director of Information, Science and Technology Department/Area Information Management Department Section/Sector 1.0 Rationale 2.0 Intention
More informationLevel 6 NVQ Diploma in Construction Site Management (Construction)
Level 6 NVQ Diploma in Construction Site Management (Construction) Qualification Specification ProQual 2014 Contents Page Introduction 3 The Qualifications and Credit Framework (QCF) 3 Qualification profile
More informationGuidance for Industry - Computerized Systems Used in Clinical Trials
Page 1 of 14 Regulatory Information Computerized Systems Used in Clinical Trials Guidance for Industry - Computerized Systems Used in Clinical Trials
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Unique Reference / Version Primary Intranet Location Information Management & Governance Secondary Intranet Location Policy Name Information Governance Policy Version Number
More informationCRIMINAL RECORDS CHECKS PROCEDURE
CRIMINAL RECORDS CHECKS PROCEDURE Criminal Record Checks Procedure Page: Page 1 of 18 Recommended by Approved by Director of Organisational Development Executive Management Team Approval date 20 th April
More informationNovember 12, The Law of Islamic Republic of Afghanistan Draft Law on Industrial Designs
November 12, 2012 The Law of Islamic Republic of Afghanistan Draft Law on Industrial Designs Industrial Designs Chapter One General Provisions Article NO Topic Page Article 1: Basis ------------------------------------------------------------------
More informationHAUC England Advice Note No. 2014/02. Code of Practice for Inspections: Defects Not Causing Danger Inspections ENGLAND
HAUC England Advice Note No. 2014/02 Code of Practice for Inspections: Defects Not Causing Danger Inspections ENGLAND Version: VI Control Document No.: 1 Document Owner: Roger Culpin and Mark Ostheimer
More informationPay Protection Policy V2.0
V2.0 Table of Contents 1. Introduction... 3 2. Purpose of this Policy/Procedure... 3 3. Scope... 3 4. Definitions / Glossary... 3 5. Ownership and Responsibilities... 4 5.1. Role of the Chief Executive...
More informationThe Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,
Recommendation CM/Rec(2015)5 of the Committee of Ministers to member States on the processing of personal data in the context of employment (Adopted by the Committee of Ministers on 1 April 2015, at the
More informationDiscussion Paper on the Validation of Pharmacovigilance Software provided via SaaS
Discussion Paper on the Validation of Pharmacovigilance Software provided via SaaS June 2012 K Edmonds Page 1 of 10 Page 2 of 10 Contents 1. Introduction... 4 2. Quality Statement ISO 9001:2015... 4 3.
More informationQUALIFICATION HANDBOOK
QUALIFICATION HANDBOOK Level 4 NVQ Diploma in Spectator Safety Management (6852-04) October 2011 Version 1.0 Qualification at a glance Subject area City & Guilds number 6852 Spectator Safety Age group
More informationQCF. Career Information and Advice. Guidance for Candidates. Level 4 Diploma Scheme code OCR Level 4 Diploma in Career Information and Advice 1
QCF Career Information and Advice Diploma Scheme code 0512 Guidance for Candidates OCR Diploma in Career Information and Advice 1 Contents Contents 1 Introduction 3 2 The qualification 2.1 What is the
More informationGOVERNANCE AND SCRUTINY
GOVERNANCE AND SCRUTINY A Guide for Boards in respect of EQUALITY IMPACT ASSESSMENT CONTENTS EIA: What do I Need to Know?...2 What should I look out for?...4 The 5 questions...4 Understanding the 5 questions....5
More informationApplicants will receive a job description and person specification for the role applied for.
Recruitment, selection and disclosure policy and procedure 1 Introduction The Bedford Charity (The Harpur Trust) is committed to providing the best possible care and education to its pupils and to safeguarding
More informationInternal Control and the Computerised Information System (CIS) Environment. CA A. Rafeq, FCA
Internal Control and the Computerised Information System (CIS) Environment CA A. Rafeq, FCA 1 Agenda 1. Internal Controls and CIS Environment 2. Planning audit of CIS environment 3. Design and procedural
More informationBOARD CHARTER JUNE Energy Action Limited ABN
BOARD CHARTER JUNE 2016 Energy Action Limited ABN 90 137 363 636 Contents Contents... 2 1 Overview... 3 2 Key Board Functions & Procedures... 5 3 Role of the Chairman... 9 4 Role of the Deputy Chairman...
More informationManaging Ministers Office Records
Managing Ministers Office Records Updated: January 2017 Introduction Reliable records are needed by Cabinet ministers to carry out their responsibilities effectively. Records provide important evidence
More information... FOR IN-HOUSE LAWYERS. Law Society of New South Wales In-House Lawyers Committee Handy hints for in-house lawyers 1
... FOR IN-HOUSE LAWYERS Law Society of New South Wales In-House Lawyers Committee 1 AIM In-house lawyers are subject to the same ethical rules as private practitioners. However, in-house lawyers face
More informationThe Futures Trust. Safer Recruitment Policy
The Futures Trust Safer Recruitment Policy The Futures Trust is committed to safeguarding and promoting the welfare of children and young people and requires all staff to share this commitment Date of
More informationSAI Global Full Service Team
General information regarding elements of the certification process is described below. A degree of flexibility and options in the certification process are available so please feel free to contact us
More informationIT Enterprise Services. SharePoint. for records management
IT Enterprise Services SharePoint for records management Sharing the future Using SharePoint 2010 for enterprise-grade records management requirements is fast becoming the de-facto standard a phenomenal
More informationARTICLE 29 DATA PROTECTION WORKING PARTY
ARTICLE 29 DATA PROTECTION WORKING PARTY 17/EN WP 256 Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules (updated) Adopted on 29 November 2017 INTRODUCTION
More informationGUIDELINES FOR IMPLEMENTING A PRIVACY MANAGEMENT PROGRAM For Privacy Accountability in Manitoba s Public Sector
GUIDELINES FOR IMPLEMENTING A PRIVACY MANAGEMENT PROGRAM For Privacy Accountability in Manitoba s Public Sector TABLE OF CONTENTS INTRODUCTION... 2 Accountable privacy management 2 Getting started 3 A.
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 20/04/2016 HSCIC Audit of Data Sharing
More informationGrievance Procedure. Version: 4.0. Date Approved: 30 October Date issued: 30 October 2017 Review date: October 2022
Grievance Procedure Version: 4.0 Bodies consulted: Approved by: Joint Staff Consultative Committee Executive Management Team Date Approved: 30 October 2017 Lead Manager: Responsible Director: HR Business
More informationCUSTOMER RELATIONSHIPS FURTHER EXCELLENCE GENERIC STANDARDS TRAINING SERVICES THE ROUTE TO ISO 9001:2015 AVOIDING THE PITFALLS
PROCESSES SUPPLY CHAIN SKILLED TALENT CUSTOMER RELATIONSHIPS FURTHER EXCELLENCE GENERIC STANDARDS INDUSTRY STANDARDS CUSTOMISED SOLUTIONS TRAINING SERVICES THE ROUTE TO ISO 9001:2015 FOREWORD The purpose
More informationCorporate Governance Statement John Bridgeman Limited
Corporate Governance Statement John Bridgeman Limited 1 Definition In this document: ASX Board Chair CFO Company Secretary Corporations Act Director means ASX Limited ACN 008 624 691 or the securities
More informationData Protection Audit Self-assessment toolkit
Data Protection Audit Self-assessment toolkit online preferences security passport details emergency contact details blood group email account number accuracy CCTV images tax records rights payroll number
More informationARCHIVES AND RECORDS MANAGEMENT SERVICES (ARMS) Quality Improvement Framework for Archives and Records Management Services in Scotland
Taking a closer look at... ARCHIVES AND RECORDS MANAGEMENT SERVICES (ARMS) Quality Improvement Framework for Archives and Records Management Services in Scotland CONTENTS Introduction 4 What is ARMS? 6
More informationRecover at Work Program
Recover at Work Program General Information Skillset Limited has developed a specific Recover at Work Program, which will form an integral part of the Company s overall Risk Management system. The objectives
More informationManaging personal relationships in the workplace
Managing personal relationships in the workplace Author (s) Ruth Davies, Senior HR Manager Corporate Lead Sue Ellis, Director of Workforce Document Version Date approved by Joint Negotiating Consultative
More informationLead Employer Flexible Working Policy. Trust Policy
Lead Employer Flexible Working Policy Type of Document Code: Policy Sponsor Lead Executive Recommended by: Trust Policy Deputy Director of Human Resources Director of Human Resources Date Recommended:
More informationDocument Management, Retention, and Destruction Policy
RMOUG s mission RMOUG s mission is an independent, non-profit organization formed to empower its members with the best education in database, application, development and personal networking opportunities
More informationAcas consultation. on the revision of paragraphs 15 and 36 of the Acas Code of Practice on Disciplinary and Grievance Procedures
Acas consultation on the revision of paragraphs 15 and 36 of the Acas Code of Practice on Disciplinary and Grievance Procedures December 2013 Acas consultation on the revision of paragraphs 15 and 36 of
More informationCandidate Information Booklet. Finance and Governance Manager (Ref FGM03/18)
Candidate Information Booklet Finance and Governance Manager (Ref FGM03/18) Closing date for applications: 16:00 on 13 th April 2018 Job Description Job Title: Organisation: Location: Salary: Post: Reports
More informationMarket Procedure: Network Control Services
ELECTRICITY INDUSTRY ACT 2004 ELECTRICITY INDUSTRY (WHOLESALE ELECTRICITY MARKET) REGULATIONS 2004 WHOLESALE ELECTRICITY MARKET RULES Market Procedure: Network Control Services Version 2 Commencement:
More informationPractical guide: The legislation that applies to workers in the European Union (EU), the European Economic Area (EEA) and in Switzerland.
Table of Contents INTRODUCTION 5 Why do we need this guide? 5 The rules at a glance 5 PART I: POSTING OF WORKERS 6 1. Which social security system is applicable for employees temporarily posted to another
More informationReview of Information Systems Development
Name of entity: Year of account Completed/updated by (Initials and date) Reviewed by Assignment Manager (Initials and date) Reviewed by Assignment Director (Initials and date) Purpose This review is in
More information