Page Comparison

Review of PIA document for LIN:

Although the PIA was initially made for LIN and Revalidation, TIS will be available over the internet to trainees. They will need to accept Privacy notices, terms and conditions of use on first time login.

The expectation for TIS (formerly to be called LIN) is to have trainees to accept cookie and privacy policy which should be similar to the one on HEE domain.

https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies

A (12/10/2017):  With reference Gold guide, Chris Brady is working on an updated version. Explicit Splash screen is the preference for all users consistently. Link on the footer to be available all the time for Privacy Notice.

Clarity on Privacy Notice so that they can voice their concern where they have an opportunity to object.

The implications of objecting the privacy notice is yet to be analysed for trainees going forward.

A contact to be available on the page. (Support)

Review of PIA document for LIN:

No. LIN (TIS) will not utilise N3. Patient identifiable data is not to be entered onto the system. NHS Digital has validated this approach and LIN (TIS) will follow https:// commercial practice and the GSDM.

A (12/10/2017): 2FA is not in scope for TIS according to PIA document, it was only in the legacy system. This needs TIS needs to be clarified as concern was raised by Chris Brady and Andrew Todd on our IG call on 12/10. Follow up with Ray/Reuben.

Review of PIA document for LIN:

Mainly trainees, Training Programme Directors (TPD), HEE Staff, Education Supervisors, Devolved Administrators. 

(Page 14 of the PIA)

Non-NHS organisations that will have access to TIS (LIN) data include: 

Education Institutions - Higher Education Institutions and Further Education Institutions; Regulatory and curriculum setting bodies; Independent Health Sector Organisations that work with HEE for NHS training. These organisations include, for example, primary care service providers, UKAS accredited independent medical laboratories and independent sector treatment centres; NHS Business Services authority (covering NHS Protect); NHS Litigation Authority; Law enforcement organisations such as UK Police and UK security organisations.

A (12/10/2017): Do we have sharing agreements with non-NHS organisations? – To re-visit on weekly IG call with Christopher Brady and Andrew Todd. Chris will follow this up.

IGSGM – sign-off of the final HEE Privacy Notice when it’s completed.

Handling of sensitive data within TIS: The PIA pre-dates TIS. There is now availability of more sensitive data on TIS whilst new components are being developed on TIS, e.g. Ethnicity, Equality and Diversity Monitoring information.  

Should this be part of an overall process that involves project board as stated in LIN PIA to ensure all parties are in agreement of the personal/sensitive data available on TIS?

Review of PIA document for LIN:

The LIN Project Board will attend to the handling of sensitive data in keeping with its Information Governance Policy Framework throughout the business requirements gathering process and all subsequent stages of the project, including procurement, development and implementation. This includes all aspects of sharing, reuse and
limitation in the size of data mining “cells”.

A (12/10/2017): New PIA is required for TIS. –Follow up with Ray/Reuben

Trainees will need to see and agree a Privacy and Cookie Policy on first time logging in in order to participate in the HEE's training programmes. (Splash screen).

Privacy policy to have information regarding consent for the processing of personal identifiable or sensitive data. 

A (12/10/2017): All users of TIS will need to see and agree a Privacy and Cookie Policy on first time logging in in order to participate in the HEE's training programmes. (Splash screen).

Privacy policy to have information regarding consent for the processing of personal identifiable or sensitive data visible to Trainees.

Is HEE's Privacy Notice and Cookie Policy sufficient for TIS?

https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies

A (12/10/2017): More or less the same. – However needs strengthening with regards to the changes coming along in GDPR.

Good enough for now to include for TIS.

On the system, on acceptance of the Privacy Notice at  first time log-on by trainees only.

A (12/10/2017): On the system, on acceptance of the Privacy Notice at first time log-on by all users only. This will need to be recorded and audited.

A (12/10/2017): Explicitly - Re-written for TIS with slight amendments to the one that exist on the HEE Domain. On first time login users will have to consent to the Privacy Notice and Cookie Policy. A link should also be made available somewhere on TIS (e.g. footer) to access the Privacy Notice.

Should it have a Terms and Conditions of Use either implicitly by logging in or first time consent on user registration or first login?

Terms & Conditions of use to cover the following which are not explicit on HEE website:

• Definitions
• Acceptance of terms
• Use of the TIS solution
• Secure access
• Copyright
• Validity of Information (disclaimer) e.g. https://www.gov.uk/help/terms-conditions

There may not be registration on TIS by trainees but they will be invited by email to join. 

A (12/10/2017): Explicitly - Re-written for TIS with slight amendments to the one that exist on the HEE Domain. On first time login users will have to consent to the Privacy Notice and Cookie Policy. A link should also be made available somewhere on TIS (e.g. footer) to access the Privacy Notice.

Is a separate cookie policy required to be available as a link on TIS and accessible all times?

• TIS use google analytics which is perhaps not similar cookies used by HEE domain cookie policy.

The expectation for TIS (formerly to be called LIN) is to have trainees to accept cookie policy which should be similar to the one on HEE domain.

https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies

Assumption is trainees will need to accept cookie policy on first visit to the TIS landing page.

A (12/10/2017): GDPR – User have to be able to consent/object each of them individually

Right to object, right to be taken off, erase at any point in time.

Which will need to be recorded?

TBD on weekly IG call  

What are the cookies used by Google Analytics on TIS?

Information about the cookie name, Duration and Purpose required.

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

http://www.cookieclarity.com/googleanalytics.htm

Alex Dobre (Unlicensed) or Panos Paralakis (Unlicensed)

Ashley Ransoo - to compare the links sent by Panos with the cookies used on HEE domain.

Consideration for GDPR (May 2018) and therefore seek guidance on Information Governance.

TIS Phase 1 goes live beginning of April 2018.

https://connect.hee.nhs.uk/Interact/Pages/Content/Document.aspx?id=3456

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

A (12/10/2017): ICO - HEE already registered, does not require re-registration unless we are doing things different to what they are asking in GDPR.

To re-visit on weekly call.

Retention of data within TIS. - DPA Principle 5

Recommendation (approved on 31 March by TIS Project Board):

HEE should come to a corporate view on the above risk, consulting within DEQ, DPD and with corporate colleagues responsible for information governance. Following this and before taking any action to remove and delete data it would be best to consult more widely as appropriate across all of the UK national NHS training and education authorities and learner stakeholders with a view to alignment and agreement on a consistent policy to underpin equal treatment of data subjects.

HEE Records management policy - 5.6 Retention and disposal – there are consistent and documented retention and disposal procedures to include provision for permanent preservation of archival records

Is this still outstanding?

Should we consider Intrepid and Oriel as a precedence?

• Oriel - Data Archiving Policy.docx

A (12/10/2017): We have the responsibility to be clear on the retention policy. This needs to be reflected explicitly on the Privacy Notice wording.

It's just been reviewed, need to be ratified.

Archiving to be reviewed to be reviewed when requirements ready.

Data warehousing / Archiving purposes – requirements, what data is required? – GDPR

Have the data flows to the following been risk assessed and mitigated?

• Intrepid
• ESR
• GMC/GDC

The GMC, a major Non-NHS recipient of LIN data, has its own compliant data retention regime. All organisations using the system will be required to provide an annual return for the IAO to this effect.

The governance around ESR integration is well documented and rigorous. It is possible that integration with other systems such as e-Portfolios will be considered in due course and, if so, this will be subject to a fresh PIA.

as e-Portfolios will be considered in due course and, if so, this will be subject to a fresh PIA.

Does Keycloak allows configuration of cookies? If so, can they be aligned with HEE's cookies policy?

https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies

What are the retention periods (what is the minimum timescale) for TIS data?

Note: This is distinct from Legacy data that will be availble available in the mirror up to a point. We are here referring to data that will be held on TIS.

Do we need to explicitly make mention on this on TIS Private notice?

From PIAReview of PIA document for LIN:

The LIN project board has yet to consider the extent to which the system might remain available to learners after the end of their training programme.

The data retention periods for TIS will be stated in due course. Learners may want access to their data over the duration of their training programmes and perhaps for longer. Authorised users may require historical access to their data. HEE will propose the archive rationale and this may involve selected data being extracted and stored on a secure server. It is also planned to share the data, under clear agreements, with organisations involved in training, education and development. HEE will be clear about data retention arrangements for day-to-day operations and longer-term research and evaluation purposes. Where it is planned to use data for research and evaluation purposes outside the basic data retention period the HEE Board will be requested to approve it on a case-by-case basis to ensure compliance with the Data Protection Act.