This site is optimised for modern browsers. For the best experience, please use Google Chrome, Mozilla Firefox, or Microsoft Edge.

CRN East Midlands Information Governance Incidents Process

Published: 14 May 2020
Read Time: minutes
Version: 7.0 - May 2020
Print this document

Contents

Process for reporting information governance incidents arising from CRN East Midlands funded activities

Introduction

The NIHR Clinical Research Network Coordinating Centre (CRN CC) expects all Local Clinical Research Networks (LCRNs) to have a process in place to report Information Governance (IG) incidents of a severe/significant nature arising from LCRN funded activities to the CRN IG Manager, using the dedicated mailbox: crncc.ig@nihr.ac.uk. Incidents of a severe/significant nature may typically include:

  • Breach one of the principles of the Data Protection Act (2018), General Data Protection Regulation (GDPR) and/or the Common Law Duty of Confidentiality.
  • Unlawful disclosure or misuse of confidential data, recording or sharing of inaccurate data, information security breaches and inappropriate invasion of people’s privacy.
  • Personal data breaches which could lead to identity fraud or have other significant impact on individuals.
  • Unauthorised disclosure of business information and potential confidentiality breach resulting in reputational damage

The CRN CC expects to be notified by the LCRN within 2 - 4 working days of the said breach. CRN East Midlands has established this IG reporting process so as to ensure we can report any incidents arising within 2 - 4 working days of notification from our Partner organisations to the NIHR CRN Coordinating Centre.

CRN East Midlands IG Leads

The CRN East Midlands is required to have in place an Information Governance Lead, whose role is to ensure prompt reporting of any IG events, as they arise. In addition to an IG Lead for the Network, there is an expectation that Partner organisations have a responsibility to manage and report any IG incidents through their existing procedures, within each organisation. The IG Leads for our Partner organisations are available via the link below.

Research Delivery

Any IG incidents arising from research delivery activities within Partner organisations will be reported to:
 
Penny Scardifield, Network Senior Research Nurse, penny.scardifield@nihr.ac.uk

LCRN Business

LCRN Business incorporates the Study Support Service (SSS), Finance, Business Intelligence, Workforce Development, Communications and PPIE activities. Any IG incidents arising from these business areas are to be reported to:
 
Michele Eve (Workforce Development), michele.eve@nihr.ac.uk
 
Roz Sorrie-Rae (Study Support Service),  roz.sorrie-rae@nihr.ac.uk
 
Elizabeth Moss / Carl Sheppard (any other matters), elizabeth.moss@nihr.ac.uk / carl.sheppard@nihr.ac.uk