Functions in relation to information
227.Information on safety of services provided by the health service. Following abolition of the National Patient Safety Agency under Part 10, new section 13R will give the NHS Commissioning Board responsibility for the functions currently carried out by the Agency in respect of reporting and learning from patient safety incidents. The intention is to ensure that patient safety is embedded into the health service through CCGs and the contracts they agree with providers.
228.Guidance in relation to processing of information. New section 13S places a duty on the NHS Commissioning Board to publish guidance on information processing requirements, sometimes termed information governance requirements, in respect of patient information or other information obtained or generated in the course of the provision of health services. These requirements may include confidentiality and information security and risk management practice, records management, data protection, disclosure of information and information quality. Subsection (2) requires registered persons who carry out activities connected to healthcare provision to have regard to the published guidance. Information processing is as defined in the Data Protection Act 1998 and covers any possible activity involving information obtaining, holding, recording, using or sharing. Provisions within Part 10 of this Act insert new section 20A into the Health and Social Care Act 2008, which incorporates the definition of “processing” in the Data Protection Act.