TP Transcription Limited, trading as UniversityTranscriptions.co.uk. (the ‘company’) needs accurate, reliable and timely data in order to provide the best service to clients, to employ an effective team and to meet internal and external requirements. This policy defines our approach to data quality; it includes paper and electronic records. The Information Governance Lead is responsible for this policy.
The company needs to ensure its data quality to:
- Meet the requirements of GDPR and the Data Protection Act 2018
- Manage an effective team
- Keep accurate forms
- Provide appropriate and timely services in accordance with best practice guidelines
- Have accurate management information to maintain standards
- Monitor and review activities for continuing improvement
The obligations of the team to maintain accurate data include:
- The Department of Health, the Data Protection and Security Toolkit requirements
- The Data Protection Act 2018 and GDPR
- Contracts of employment
- Professional codes of practice
The company data quality standards are:
- Defined and consistent:
- Team members understand the data that is being
collected and it must be internally consistent
- Team members understand the data that is being
- Timely:
- Data is collected at the earliest opportunity
and data is retained for the minimum length of time defined in Record Retention
- Data is collected at the earliest opportunity
- Complete:
- Data, as required, is captured in full
- Free from duplication:
- Data is not duplicated
- Legitimacy, data is collected following the 7
key principles of GDPR:- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality (security)
- Accountability
How to check data quality
- We follow guidance in Information Governance Procedures for the collection, storage, security, retention and deletion of personal data
- At every stage of our order process we check with our clients that their data is correct
- Whenever we carry out email marketing we check for email bounces and delete those details
- Each year we review the data requests that we have had and make sure that the correct procedure has been followed
- If there is a duplicate record we follow the company procedure to remove/combine duplicates
Caldicott
As we undertake work for the NHS we follow the six Caldicott principles applying to the handling of patient-identifiable information, which are:
- Justify the purpose(s) of every proposed use or transfer
- Don’t use it unless it is absolutely necessary, and
- Use the minimum necessary
- Access to it is on a strict need-to-know basis
- Everyone with access to it is aware of their responsibilities, and
- Understand and comply with the law
Training
The Managing Director is responsible for training all staff
on the importance of the accuracy of any data they input, and of always
checking details. Training on information governance and data security is provided
at the annual general meeting.
Review
This policy is reviewed annually.
Related Documents
This policy should be read in conjunction with the Data
Protection and Information Security Policy