Assignment: Write Information Governance Policy Plan/Program For A HOSPITAL
In this assignment, you must include actual content or provide instruction for each section listed, and include your own additional subsections where appropriate. For example, you will see on one portion of the attached example the following:
Roles and Responsibilities
The first major section of most frameworks clearly define key roles and their responsibilities, including:
Information Governance Committee Information Governance Team Information Risk Management Information Asset Management Records Manager
Line-of-Business Managers Employees
"Roles and Responsibilities" is merely a category or heading for one portion of the IG policy/program. The sentence that reads, "The first major section of most frameworks clearly define key roles and their responsibilities including:" is nothing more than an instruction from me to you describing the section. Then the 7 lines that follow is just an example of the key players for this particular example. In your IG Plan that you submit to me, if you have a section that looks like this, then you must also include a description of the roles and responsibilities for each entity/position described herein above. You will not include in your IG policy/program that you turn in to me the descriptions of what each category is used for, which is what I gave to you through what was intended to be nothing more than a "tip" to you on what to put in that section.
SAMPLE TEMPLATE FOR FORMAT AND CONTENT OF AN INFORMATION GOVERNANCE POLICY
The remainder of this paper was reproduced for educational purposes in its entirety from: https://www.infogovbasics.com/creating-a-policy/
A Definition of Scope
The framework should begin by establishing the full extent of the Information Governance program. An example of this could be:
"The Information Governance framework covers all staff that create, store, share and dispose of information. It sets out the procedures for sharing information with stakeholders, partners and suppliers. It concerns the management of all paper and electronic information and its associated systems within the organization, as well as information held outside the organization that affects its regulatory and legal obligations."
Roles and Responsibilities
The first major section of most frameworks clearly define key roles and their responsibilities, including:
Information Governance Committee Information Governance Team Information Risk Management Information Asset Management Records Manager
Line-of-Business Managers Employees
Information Policies
Information Governance covers a wide range of policies. The framework should set out which corporate policies are relevant to the Information Governance program. These may include:
? Information security policy ? Records management policy
? Retention and disposal schedules
? Archiving policy
? Data privacy policy
? ICT policy
? Information sharing policy
? Remote working policy
Information Procedures
A major part of the Information Governance framework should set out how the organization and its employees work with information. This can be broken into separate sections covering:
? Legal and regulatory compliance
? Creating and receiving information
? Acceptable content types
? Managing the volume of information
? Managingpersonalinformation
? Storing and archiving information
? Collaboration and sharing information
? Disposing of information
Working with Third Parties
As more and more information that affects a business is created and stored elsewhere it is essential to establish how the organization operates and shares information with stakeholders, partners and suppliers. The framework should:
? Define the policies for sharing information with third parties
? Define how the organization can manage how third parties handle personal and confidential information
? Define how Information Governance fits within supplier relationships and contractual obligations
? Define measurement and metrics for third party meeting the organization's Information Governance goals
Disaster Recovery, Contingency and Business Continuity
The framework should set out the organization's approach to:
? Reporting information losses
? Reporting information security breaches
? Incident management and escalation
? Back up and disaster recovery
? Business continuity management
Auditing, Measurement and Review
Information Governance is a continuous improvement process so it must be underpinned by a continuous monitoring procedure. The framework can set out the organization's approach to:
? Monitoring information access and use
? Monitoring effectiveness of regulatory compliance
? Monitoring the effectiveness of information security policy and procedure ? Monitoring of ICT and storage infrastructure performance
? Risk assessment and auditing
? Information Governance review.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.