Information Governance (IG)

What is information governance (IG)?

Information Governance is the way by which the NHS handles all organisational information – in particular the personal and sensitive information of patients and employees. It allows organisations and individuals to ensure that personal information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible care.

It provides a framework to bringing together the requirements, standards and best practice that apply to the handling of information. It has four fundamental aims:

  • To support the provision of high quality care by promoting the effective and appropriate use of information;
  • To encourage responsible staff to work closely together, preventing duplication of effort and enabling more efficient use of resources;
  • To develop support arrangements and provide staff with appropriate tools and support to enable them to discharge their responsibilities to consistently high standards;
  • To enable organisations to understand their own performance and manage improvement in a systematic and effective way.

IG has come about because of concerns about public sector data protection. A board-level Senior Information Risk Owner (SIRO) is required in each organisation for IG.

More info

How do SIRO and Caldicott Guardian differ?

SIRO and Caldicott Guardian should work together.  However,


  • Is accountable
  • Fosters a culture for protecting and using data
  • Provides a focal point for managing information risks and incidents
  • Is concerned with the management of all information assets

The Caldicott Guardian

  • Is advisory
  • Is the conscience of the organisation
  • Provides a focal point for patient confidentiality & information sharing issues
  • Is concerned with the management of patient information

Leave a Reply

You must be logged in to post a comment.