NHS InfoGov Wiki
Information Governance Wiki
This website has been developed to provide NHS IG professionals with a single resource covering the key aspects of PKB's Information Governance approach.
If you are unable to find what you are looking for or feel that certain documentation should be included, please email ig@patientsknowbest.com - we will be happy to assist with your query and welcome suggestions on how we could improve this website.
Compliance Pack (Zip Archive)
For convenience all key documents can be downloaded as a single archive for local reference and attachment to other documentation.
Direct link: Please click here
Site Map
- Dataflows & Diagrams
PKB Architectural Diagram -- PKB's arch & infrastructure diagrams
Dataflows -- A breakdown of PKB data flows
Simple Relationships -- Details of the various relationships between PKB, customer, data subject, etc.
- Agreements and Legal
DPIA -- PKB's Data Protection Impact Assessment
NHS DPC -- Data Processing Contract, replaces previous agreements like the Information Processing Agreement
NHSX Opinion -- Legal opinion from NHSX regarding PKB and NHS Providers
The NHS Model -- An overview of the lawful basis and NHS-approved model
- Registrations & Certification
Cyber Essentials Plus -- PKB's CE+ certification
DSPT -- Details of PKB's Data Security and Protection Toolkit
DTAC -- Details of PKB's DTAC submission
ISO27001 -- ICO27001 certificate for Google Cloud Platform and PKB's own ICO27001 compliance documents
ODS, ICO, etc. -- Registrations; ICO Data Protection Register, NHS Data Organisation Service, etc.
- Policies
Business Continuity -- Overview of PKB's Business Continuity approach
Incident Management -- PKB's Incident Response and Management Policy, mapped against NHS Digital guidelines
Privacy Notice -- Privacy information provided to Patients
Record Deletion Policy -- PKB's approach to retention and deletion
Security Policy -- PKB's Information Security Policy