DRAFT
Page content:
- Description
- Components
- Scope
- Related JIRA ticket links
- For Discussion & Assumptions
- Agreed Next Steps
Description
The question was raised whether TIS should have a cookie policy against apps.tis.nhs.uk with a corresponding disclaimer/consent.
The HEE one is on a parallel domain: https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies and includes specific individual cookie details which may set a precedent or at least expectation against LIN.
Need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS
Components:
Scope:
Need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS.
*As a* Information Governance lead
*I Want* to ensure that all TIS users have signed/agreed the relevant information governance T&Cs
*So That* they are compliant with HEE policy and law on data governance
Jira Links:
- TIS-289Getting issue details... STATUS
- TISDEV-2633Getting issue details... STATUS
- TISDEV-1216Getting issue details... STATUS
- TISDEV-2632Getting issue details... STATUS
For Discussion and Assumptions:
Item | Question | Comment | Owner |
---|---|---|---|
1 | Technically as it isn't a 'public facing' service does it need one? Would it be good practice to include on anyway for Learners confidence in the system? | DRAFT - ahead of discussion with Ray Hill | |
2 | Is there a need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS? | ||
3 | Should it have a Terms of Use either implicit by logging in or first time consent on user registration/first login? | ||
4 | Is a cookie policy required? | ||
5 | Is a Disclaimer/Consent required? Is so for which users? | ||
6 | Do we need to consider Terms & Conditions of Use? | ||
7 | Do we also need to consider Account and Password policy as part of this? | ||
8 | Consideration forĀ GDPR (May 2018) and therefore seek guidance on Information Governance (Andrew Todd)? | ||
Examples we could consider:
Next steps:
Discuss with Ray Hill on the above and agree the next steps.
Add Comment