RCP Statement of Information Governance Assurance Crown Informatics is commissioned by the RCP Falls & Fragility Fracture Audit Programme (FFFAP) to deliver the collection of the audit data.
The data controllers of the audit data are the audit programme commissioners, the Healthcare Quality Improvement Partnership (HQIP), and Crown Informatics are an appointed data processor.
The RCP audit programme team, HQIP and Crown Informatics have worked hard to ensure that all appropriate national and NHS information governance approvals are in place.
All users can be assured that audit data will be managed securely and in accordance with all legal regulations, NHS guidelines and protocols.
Specifically, both RCP & Crown Informatics are duly authorised and contractually bound to uphold strict IG governance in respect of:
• Data Protection Act 2018 (RCP Registration: Z7085833, Crown Informatics Registration: Z3566445)
• EU General Data Protection Regulation (EU) 2016/679 (GDPR)
• Section 251 of the NHS Act 2006 (CAG reference: CAG 8-03(PR11)/2013)
• NHS IG-Toolkit Statements of Compliance (RCP/8J008, Crown Informatics/8J157)
• Data Sharing and Transfer Agreements duly authorised by the audit commissioners Healthcare Quality Improvement Partnership
System Level Security Policy (SLSP)
The Crown Informatics System Level Security Policy for the "Crown Audit" Platform is available on request. Please contact audit support.