XClose

Information Services Division

Home
Menu

Approved Information Governance documents

These documents have been approved by the SLMS Information Governance Steering Group.

NHS Digital Data Sharing Framework Contract - DSFC

NameDescriptionAvailable for

CON-321538-B5D8B

NHS Digital DSFC with UCL (PDF)NHS Digital: Data Sharing Framework Contract. This applies to all data supplied to UCL by NHS Digital.

Recently updated (18/06/2019)

NameDescriptionAvailable for
SLMS-IG31UCL Data Safe Haven Scope (PDF)Scope document for the Data Safe Haven Information Security Management System (ISMS)

Policy, planning and procedure

NameDescriptionAvailable for
SLMS-IG03   SLMS Research Information Governance Policy (PDF)Information Governance Policy for the SLMS    
SLMS-IG03bData Safe Haven Acceptable Use Statement (PDF)Acceptable Use Statement, required for access to the Data Safe Haven
SLMS-IG08   HR Contracts Audit and Plan (PDF)Audit of HR contracts for staff, contractors and third parties. Contains recommendations and action plan for implementation 
SLMS-IG09a   Confidentiality Audit Procedure (PDF)Confidentiality audit guidelines    
SLMS-IG15   Incident reporting procedure (PDF)Process describing how information incidents are reported to the IGSG and other bodies 
SLMS-IG16   Training Policy (PDF)Analysis of training needs, mapping appropriate elements of the IG Toolkit training to roles 
SLMS-IG18Communications Plan (PDF) Communications plan for the SLMS IG Framework
SLMS-IG20c   

Updates to the UCL Information Security Policy (PDF)

See section 2.9

Contractual clauses covering IG requirements and confidentiality linked to disciplinary procedures and action plan to ensure new contracts have requisite compliance 
SLMS-IG20d   

Updates to the UCL Researchers Code of Conduct

See section 7

Contractual clauses covering IG requirements and confidentiality linked to disciplinary procedures and action plan to ensure new contracts have requisite compliance. 
SLMS-IG21aModel Remote Access Policy (PDF)Policy for SLMS Mobile and Teleworking authorisation and Acceptable Use Policy
SLMS-IG36Data Safe Haven Access Control Policy (PDF)Policy for Access Control within the Data Safe Haven

Guidance

NameDescriptionAvailable for
SLMS-IG04a   Data Handling Guidance (PDF)Guidance on confidential data handling and secure transfer
SLMS-IG14  Anonymisation GuidanceGuidance for implementing pseudonymisation within the SLMS    

Templates and tools

NameDescriptionAvailable for
SLMS-IG09b   Confidentiality Audit Template (Excel)Template for spot check on processes when using Personally Identifiable Data
SLMS-IG11  Information Risk Tool (Excel)Spreadsheet used to capture information assets and assess risks associated with data transfer 
SLMS-IG13a   Risk Assessment Tool for physical security (Excel)Spreadsheet used to assess physical security and to produce an action plan    
SLMS-IG20a   

Non-Disclosure Agreement for contractors (Word)

Note: password protected

Non-Disclosure Agreement for use with third parties and contractors 
SLMS-IG20b

Non-disclosure Agreement for individuals (Word)

Note: password protected

Non-Disclosure Agreement for use with individuals who do not have UCL contracts
SLMS-IG21bRemote Working Procedures and Approval (PDF)Procedures, including approval mechanism, for remote working    
SLMS-IG22a   Information Sharing Agreement: UCL as Data Processor (Word)Information Sharing Agreement template where UCL is the Data Processor (i.e. receiving data) 
SLMS-IG22b  Information Sharing Agreement: UCL as Data Controller (Word)Information Sharing Agreement template where UCL is the Data Controller (i.e. sending data to be processed)
SLMS-IG22c    Information Sharing Agreement: UCL as Data Controller in common with another organization (Word)Information Sharing Agreement template where UCL is the Data Controller in common with another organisation 
Draft - work in progressJoiners, movers and leavers checklistTemplate joiners, movers and leavers checklist

Roles and responsibilities

NameDescriptionAvailable for
SLMS-IG01IG Steering Group ToR  (PDF)Terms of Reference for the SLMS Information Governance Steering Group (IGSG) 
SLMS-IG02   SIRO Role (PDF)Role description for the SLMS Senior Information Risk Owner (SIRO)    
SLMS-IG05   IG Lead Role (PDF)Role description for the SLMS Information Governance Lead    
SLMS-IG07   IG Officer Role (PDF)Role description for the SLMS IG Officer    
SLMS-IG31Data Safe Haven Scope (PDF)Scope document for the Data Safe Haven Information Security Management System (ISMS)
SLMS-IG32SLMS IG Framework - roles and responsibilities (PDF)Details roles and responsibilities within the SLMS IG Framework 
SLMS-IG35SLMS ISMS Operational Group ToR (PDF)Terms of Reference for the ISMS Operational Group