Tag Archive for Information Governance Toolkit

FOI and the NHS Target Culture

Whilst I do try to keep a balance in my blog posts, recognising and indeed supporting the need for openness in the public sector, on occasion I have used this forum to have a bit of a moan about the less desirable impacts of FOI. And that’s fair enough, I think – this blog’s supposed to be about what FOI Officers really think. But I’ve got particular sympathy for one group of FOI Officers – those working for the NHS.

We’re all familiar with tales of NHS targets, and we may even support them where they can be shown to be effective. We’d all like to be seen by our GP whilst we’re either still ill or alive, and when referred to a consultant, it doesn’t seem unreasonable to expect an appointment sometime this year. What you might not be aware of is that these targets even impact on FOI Officers.

The NHS has something called the Information Governance Toolkit (or IG Toolkit). It sets out requirements for all parts of the NHS in respect of information governance including such things as patient confidentiality, data sharing, and compliance with relevant legislation such as the Data Protection Act and, naturally, FOI. Each NHS Trust has to make a submission indicating their rating against a scale of zero to three for each requirement. They also have to collect and upload evidence that they have attained the level they are claiming.

The last time I checked (last year), there were 62 requirements applying to most hospital Trusts, but the number and the standards required are changed every year. Ostensibly, Trusts have to make their Toolkit submission once a year, at the end of March, but in practice, they are required to submit updates on performance on pretty much a quarterly basis. Not surprisingly, the workload involved in collecting all this evidence and submitting it every quarter is pretty onerous. Once this effective ‘audit’ of information governance has been carried out, it is subject to a further audit by the contractors brought in to carry out internal audits, and may well be subject to further external audit.

NHS Trusts are, it is no surprise to anyone, struggling financially. What resources they do have are focussed, quite rightly, on patient care. So there isn’t much resource around to put to work on tackling information governance issues. A typical team (and often they will be spread throughout the Trust rather than placed in one team) in a busy hospital Trust will consist of a Health Records Manager/Librarian, running a registry of patient records with a small team of staff to support them in ensuring that medical staff have the right records to hand when they see patients, and to answer the three or four thousand subject access requests a year from patients (or more often their solicitors) considering taking legal action against the Trust. They may have an Information Governance Manager and/or Officer (if they’re lucky), and maybe a corporate records manager (if they’re very, very lucky). One of those people will be given responsibility for answering FOI requests as well.

So I, and I suspect many of the folk who actually work in information governance work in the NHS, find myself wondering, what is the point of adding to this burden by insisting on Trusts completing quarterly Toolkit returns? If you have limited resources, isn’t it more important to focus on actually improving things than constantly assessing and reassessing progress to the point that you don’t actually have time to make progress? The bods at the top would say that this is about protecting patients, but this activity notably hasn’t actually stopped doctors leaving patient notes on trains or saving records of hundreds of patients onto memory sticks which they then lose. If anything, I suspect it drives bad practice underground as NHS Trusts and their employees are reluctant to admit to failings in their systems. It’s also worth noting that many of the requirements covered by the Toolkit are duplicated (at least) by other target setters (such as the Care Quality Commission), so invariably, Trusts have to provide the evidence to several different bodies.

To give you a flavour of how ridiculous the Toolkit requirements are, here are some of this year’s for FOI, together with comments I’ve received from one of my readers who works for a Trust.

“Documented procedures for identifying ’round robin’ FOI requests and alerting FOI SHA Lead…FOI Lead’s job description should include responsibility for reporting the above…Staff that manage FOI requests should be alert to the possibility that a request may have been sent to a number of organisations – ’round robin requests’ – and there should be a documented procedure for alerting Strategic Health Authority (SHA) FOI leads so that they can provide coordination and support. SHA FOI Leads should in turn alert the Department of Health.”

As the FOI Officer comments, none of this is required to comply with the Act. It’s just additional workload. How do they know if it’s a round robin unless they proactively contact other FOI officers on every FOI they receive? ‘Round robins’ aren’t defined – does it count if only two Trusts receive it? Should ’round robin’ requesters be treated differently? It’s not even as though the SHA lead co-ordinates these responses – they just reiterate that Trusts should comply with the Act. Informal advice is always welcome, but to strictly require professional FOI Officers to report such requests centrally is just overkill.

“FOI applicant feedback / satisfaction surveys”

Yes, NHS Trusts are required to take steps to find out how happy you were with your FOI response. Never mind the fact that if you were dissatisfied, there’s an appeal process you can use. Nor the fact that frankly most people just want the information and don’t want to be bothering with feedback questionnaires or surveys (I can count the number of times someone has proactively sought to get in touch to say thank you for the information they’ve been given on one hand, so they’re not exactly clamouring for us to do this). NHS staff are having to set up surveys specifically to tick this box in the Toolkit.

“Complex complaints/appeals are referred to the IG Forum (or equivalent) for consideration and dealt with appropriately” ; this should be in “the terms of reference for the relevant group”. Also Trusts are required to produce “reports detailing complex complaints and the outcomes”

Most NHS Trusts, as you might expect after 6 years of experience, already have effective appeal processes in place. With 60+ IG Toolkit requirements to monitor most Trust IG Forums/Committees have more than enough to consider at their meetings, without having to review reports on ‘complex complaints’ that have been dealt with.

So if you work in the NHS and are involved with submitting your annual assessment for the IG Toolkit at present, you have my full sympathy. If you’re a journalist, you might want to consider bringing this outrageous waste of time and money to the attention of the Government. Nothing appears to have changed since Mr Lansley arrived in Whitehall, and this is one area that really is suffering from a surfeit of bureaucracy.