Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

DRAFT

Page Content:

  • Description
  • Components
  • Scope
  • Related JIRA ticket links
  • For Discussion & Assumptions
  • Agreed Next Steps


Description

The question was raised whether TIS should have a cookie policy against apps.tis.nhs.uk with a corresponding disclaimer/consent.

The HEE one is on a parallel domain: https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies and includes specific individual cookie details which may set a precedent or at least expectation against LIN.

Need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS


Components:

TIS-679


Scope:

Need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS.

*As an* Information Governance lead
*I Want* to ensure that all TIS users have signed/agreed the relevant information governance T&Cs
*So That* they are compliant with HEE policy and law on data governance


Jira Links:

TIS-289 - Getting issue details... STATUS

TISDEV-2633 - Getting issue details... STATUS

TISDEV-1216 - Getting issue details... STATUS

TISDEV-2632 - Getting issue details... STATUS



For Discussion and Assumptions:


ItemQuestionCommentOwner
1Technically as it isn't a 'public facing' service does it need one? Would it be good practice to include on anyway for Learners confidence in the system?
Ray Hill (Unlicensed)
2Is there a need to consider different user groups - HEE staff, Trainees, Trusts, Trainers etc who will have different legal relationships to HEE and TIS?
Ray Hill (Unlicensed)
3Should it have a Terms of Use either implicit by logging in or first time consent on user registration/first login?
Ray Hill (Unlicensed)
4Is a cookie policy required?
Ray Hill (Unlicensed)
5Is a Disclaimer/Consent required? Is so for which users?
Ray Hill (Unlicensed)
6Do we need to consider Terms & Conditions of Use?
Ray Hill (Unlicensed)
7Do we also need to consider Account and Password policy as part of this?
Ray Hill (Unlicensed)
8Consideration for GDPR (May 2018) and therefore seek guidance on Information Governance (Andrew Todd)?
Ray Hill (Unlicensed)














Examples we could consider:

  1. HEE Privacy and Cookie Policy: https://www.hee.nhs.uk/about-us/contact-us/privacy-cookies
  2. Intrepid 
  3. Oriel


Next steps:

  • Discuss with Ray Hill on the above questions and agree the next steps.
  • User Journeys to get to the relevant privacy notice pages and cookie policy
  • Decide on the content of the cookie policy and the relevant page and create draft.


  • No labels

Slack: https://hee-nhs-tis.slack.com/
Jira issues: https://hee-tis.atlassian.net/issues/?filter=14213