Versions Compared

Old Version 2

changes.mady.by.user Ashley Ransoo

Saved on

compared with

New Version 3

changes.mady.by.user Ashley Ransoo

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

DRAFT

Description

Should TIS Page content:

  • Description
  • Components
  • Scope
  • Related JIRA ticket links
  • For Discussion & Assumptions
  • Agreed Next Steps


Description

The question was raised whether TIS should have a cookie policy against apps.tis.nhs.uk with a corresponding disclaimer/consent?.

The HEE one is on a parallel domain: https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies and includes specific individual cookie details which may set a precedent or at least expectation against LIN?.


Need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS


Components:

TIS-679


Scope:

Need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS.

*As a* Information Governance lead
*I Want* to ensure that all TIS users have signed/agreed the relevant information governance T&Cs
*So That* they are compliant with HEE policy and law on data governance


Jira Links:

Jira Legacy
serverSystem JIRA
serverId4c843cd5-e5a9-329d-ae88-66091fcfe3c7
keyTIS-289

Jira Legacy
serverSystem JIRA
serverId4c843cd5-e5a9-329d-ae88-66091fcfe3c7
keyTISDEV-2633

Jira Legacy
serverSystem JIRA
serverId4c843cd5-e5a9-329d-ae88-66091fcfe3c7
keyTISDEV-1216

Jira Legacy
serverSystem JIRA
serverId4c843cd5-e5a9-329d-ae88-66091fcfe3c7
keyTISDEV-2632



For Discussion and Assumptions:


...

ItemQuestionCommentOwner
1Technically as it isn't a 'public facing' service does it need one? Would it be good practice to include on anyway for Learners confidence in the system?

Should it have a Terms of Use either implicit by logging in or first time consent on user registration/first login?

DRAFT - ahead of discussion with Ray
2Is there a need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS?

...



3

...

Should it have a Terms of Use either implicit by logging in or first time consent on user registration/first login?

4Is a cookie policy required?

5Is a Disclaumer/Consent required? Is so for which users?

6Do we need to consider Terms & Conditions of Use?

7Do we also need to

...

consider Account and Password policy as part of this?

8Consideration

...

forĀ GDPR (May 2018)

...

and therefore seek guidance on Information Governance (Andrew Todd)?















Examples we could consider:


Next steps:

Discuss with Ray on the above and agree the next steps.