...
- Discuss with Ray Hill on the above below questions and agree the next steps.
- User Journeys to get to the relevant privacy notice pages and cookie policy
- Decide on the content of the cookie policy and the relevant page and create draft.
- Review SOPS and Governance Compliance documents on Confluence.
- Review of ESR - how data will be processed?
- Arrange Discuss questions on call with Ray/Andrew Todd /RayHill on GDPR considerationson 12/10.
Description
The question was raised whether TIS should have a cookie policy against apps.tis.nhs.uk with a corresponding disclaimer/consent.
...
| Item | Question | Comment | Owner | ||
|---|---|---|---|---|---|
| 1 | Technically as it isn't a 'public facing' service does it need one? Would it be good practice to include on anyway for Learners confidence in the system? Or is it superceded superseded by HEE IG terms? | Reviewed PIA document for LIN. Although the PIA was initially made for LIN and Revalidation, TIS will be available over the internet to trainees. They will need to accept Privacy notices, terms and conditions of use on first time login. The expectation for TIS (formerly to be called LIN) is to have trainees to accept cookie policy which should be similar to the one on HEE domain. https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies | Ray Hill (Unlicensed) | ||
| 2 | Is TIS going to be made available to non-trainees over N3 network? | (c.f. PIA document) No. LIN (TIS) will not utilise N3. Patient identifiable data is not to be entered onto the system. NHS Digital has validated this approach and LIN (TIS) will follow https:// commercial practice and the GSDM. | |||
| 3 | Who will have access to the information within TIS? | Mainly trainees, Traininf Programme Directors (TPD), HEE Staff, Education Supervisors, Devolved Administrators. (Page 14 of the PIA) Non-NHS organisations that will have access to TIS (LIN)data include: Education Institutions - Higher Education Institutions and Further Education Institutions;Regulatory and curriculum setting bodies;Independent Health Sector Organisations that work with HEE for NHS training. These organisations include, for example, primary care service providers, UKAS accredited independent medical laboratories and independent sector treatmentcentres; NHS Business Services authority (covering NHS Protect) NHS Litigation Authority Law enforcement organisations such as UK Police and UK security organisations. | |||
| 4 | Handling of sentitive data within TIS: The PIA pre-dates TIS. There is now availability of more sensitive data on TIS whilst new components are being developed on TIS, e.g. Enthicity, Equality and Diversity Monitoring information. Should this be part of an overall process that involves project board as stated in LIN PIA to ensure all partties are in agreement of the data available on TIS? | The LIN Project Board will attend to the handling of sensitive data in keeping with its Information Governance Policy Framework throughout the business requirements gathering process and all subsequent stages of the project, including procurement, development and implementation. This includes all aspects of sharing, reuse and limitation in the size of data mining “cells”. | |||
| 5 | Is there a need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS? | Trainees will be public facing I believe whille the rest of the users over N3. Trainees will need to see and agree a Privacy Policy on first time logging in in order to participate in the HEE's training programmes. (Splash screen). Privacy policy to have information regarding consent for the processing of personal identifiable or sensitive data. | Ray Hill (Unlicensed) | ||
| 6 | Is HEE's Privacy Notice sufficient for TIS? | Ray Hill (Unlicensed) | |||
| 7 | How will consent and non-consent to the Privacy Notice be recorded? And is it sufficient? | On the system, on acceptance of the Privacy Notice at log-on by trainees only. | Ray Hill (Unlicensed) | 3||
| 8 | On TIS, how will the individuals be informed of and have given their consent to all the processing and disclosures? | Implicitly - Privacy Notice on HEE's website including use of any Apps associated with LIN (TIS). Explicitly? - Re-written for TIS with slight amendments. | |||
| 9 | Should it have a Terms and Conditions of Use either implicitly by logging in or first time consent on user registration or first login? | There may not be registration on TIS by trainnes but they will be invited by email to join. | Ray Hill (Unlicensed) | 4Implicitly - Privacy Notice on HEE's website including use of any Apps associated with LIN (TIS). Explicitly? - A re-written Privacy Notice for TIS with slight amendments which the trainnes have to accept on first login.
| |
| 10 | Is a cookie policy required? | Temporary session cookie only to enable section of the site to be used and navigated or persistant cookies? Or persistent cookie until the time set expires or the user deletes the cookie? Required for trainees to view and accept cookies. Whether temporary or persistant is a technica decision. | Ray Hill (Unlicensed) | ||
| 5 | Is a Disclaimer/Privacy Policy required? Is so for which users? | This is more about the data collected and how they are processed by TIS. Documents available on: SOPS - confluence (Ray ro send) Governance compliance - confluence (Ray to send) | Ray Hill (Unlicensed) | ||
| 6 | The expectation for TIS (formerly to be called LIN) is to have trainees to accept cookie policy which should be similar to the one on HEE domain. https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies Assumption is trainees will need to accept cookie policy on first visit to the TIS landing page. | ||||
| 11 | Do we need to consider a link for 'Terms & Conditions of Use' visible and accessible at all time on the TIS? | Ray Hill (Unlicensed) | |||
| 8 | 12 | Consideration for GDPR (May 2018) and therefore seek guidance on Information Governance (Andrew Todd)? HEE Records management policy - 5.6 Retention and disposal – that there are consistent and documented retention and disposal procedures to include provision for permanent preservation of archival records | Yes - removal of data from the system requests Retention of medical records requirement Arrange Call on Wednesday/Thurs - meeting with Andrew Todd | Ray Hill (Unlicensed) | |
| 13 | Retention of data within TIS. - DPA Principle 5 “Retention of data (Principle 5) is a current gap given the lack of an agreed retention/disposal policy/” Source: NES ePortfolio Document November 2015. | Recommentation (approved on 31 March by TIS Project Board): HEE should come to a corporate view on the above risk, consulting within DEQ, DPD and with corporate colleagues responsible for information governance. Following this and before taking any action to remove and delete data it would be best to consult more widely as appropriate across all of the UK national NHS training and education authorities and learner stakeholders with a view to alignment andagreement on a consistent policy to underpin equal treatment of data subjects. HEE Records management policy - 5.6 Retention and disposal – there are consistent and documented retention and disposal procedures to include provision for permanent preservation of archival records Is this still outstanding? Should we consider Intrepid and Oriel as a precedence? | |||
| 14 | Have the data flows to the following been risk assessed and mitigated?
| The GMC, a major Non-NHS recipient of LIN data, has its own compliant data retention regime. All organisations using the system will be required to provide an annual return for the IAO to this effect. The governance around ESR - Reviewintegration is well documented and rigorous. It is possible that integration with other systems such as e-Portfolios will be considered in due course and, if so, this will be subject to a fresh PIA. | |||
| 15 | Is there going to be any integration with ePortfolio? | ||||
| 16 | PIA , BCP and SlSP documents are quite dated and makes mention to LIN mostly. Should there be a review of and re-baselining of those documents for TIS? | Ray Hill (Unlicensed) | |||
| 17 | Does Keycloak allows configuration of cookies? If so, can they be aligned with HEE's cookies policy? | ||||
| 18 | Is there a useable audit trail in place for TIS? For example, to identify who has accessed a record and when etc.? (to comply with GDSM) | ||||
| 19 | What are the retention periods (what is the minimum timescale) for TIS data? Note: This is distinct from Legacy data that will be availble in the mirror up to a point. We are here referring to data that will be held on TIS. Do we need to explicitly make mention on this on TIS Private notice? | From PIA: The LIN project board has yet to consider the extent to which the system might remain available to learners after the end of their training programme. The data retention periods for TIS will be stated in due course. Learners may want access to their data over the duration of their training programmes and perhaps for longer. Authorised users may require historical access to their data. HEE will propose the archive rationale and this may involve selected data being extracted and stored on a secure server. It is also planned to share the data, under clear agreements, with organisations involved in training, education and development. HEE will be clear about data retention arrangements for day-to-day operations and longer-term research and evaluation purposes. Where it is planned to use data for research and evaluation purposes outside the basic data retention period the HEE Board will be requested to approve it on a case-by-case basis to ensure compliance with the Data Protection Act. | Ray Hill (Unlicensed) |
Examples we could consider:
- HEE Privacy and Cookie Policy: https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies
- Intrepid
- Oriel
- Terms & Conditions of Use
- Privacy PolicyAccount and Password Policy
