INSTRUCTIONS FOR PHASE III During residency weekend your team worked on an outline for an overall Information Governance Plan/Program for the hospital. It is your task to now add the “content” to the

INSTRUCTIONS FOR PHASE III

During residency weekend your team worked on an outline for an overall Information Governance

Plan/Program for the hospital. It is your task to now add the “content” to the outline for the Information Governance Plan/Program. That is you are to prepare an Information Governance Policy/Program for CITY GENERAL HOSPITAL. All IG policies or programs are somewhat different and unique to the industry and to the organization. There are a number of sample Information Governance Policy/Program templates and samples on the internet. Attached to the end of this document is a sample Information Governance Policy template that was copied verbatim from the website https://www.infogovbasics.com/creating-a-policy/.

Please feel free to browse the internet to get a flavor for what an actual IG Policy/Program might look like. If you desire, use the template attached to the end of this document as an outline for how you might choose to format your IG Policy/Program for CITY GENERAL HOSPITAL and what you might want to include in your IG policy/program. Alternatively, you may use the outline for the IG Plan that your team developed during residency weekend. You may also use the work the group performed during residence weekend as a “starting point” for developing your own IG plan, if you liked portions of what the group did but believe it still needs work.

It is certainly not a requirement that you use the attached sample as a guideline for formatting your own, or that you use anything that your team prepared during residency weekend. It makes no difference how you arrived at the final format for the IG Plan that you submit as long as you give credit to all source(s), if any, that you looked to in formulating your IG Plan or any portion of your plan.

You may determine that you have developed on your own something superior to the outline herein below, the outline developed by your team during residency weekend, and anything you have found as part of your research. If that is the case, then use your own model! The sample at the

end of this document is merely attached for your convenience as one example of what might be contained in your IG policy/program, and in what format. Do as much research from all sources you have access to or can locate to determine how you want to format your own IG Policy/program, and the types of things you will include. If you decide to use the attached sample, or the outline created by your group during residency weekend, still you are required to customize them to meet the distinct characteristics and needs of CITY GENERAL HOSPITAL and to add the detail required. Please know, this assignment DOES NOT consist of submitting an outline as you did during residency weekend. This assignment is to submit “THE” Information Governance Plan for CITY GENERAL HOSPITAL.

Please do not misconstrue the sample/example format attached hereto or the outline that your team developed during residency weekend. Both are merely outlines. They are skeletons that contain only headings for the types of things you will discuss as part of your IG Plan. In this assignment, you must include actual content or provide instruction for each section listed, and include your own additional subsections where appropriate. For example, you will see on one portion of the attached example the following:

Roles and Responsibilities

The first major section of most frameworks clearly define key roles and their responsibilities, including:

Information Governance Committee Information Governance Team Information Risk Management Information Asset Management Records Manager

Line-of-Business Managers Employees

“Roles and Responsibilities” is merely a category or heading for one portion of the IG policy/program. The sentence that reads, “The first major section of most frameworks clearly define key roles and their responsibilities including:” is nothing more than an instruction from me to you describing the section. Then the 7 lines that follow is just an example of the key players for this particular example. In your IG Plan that you submit to me, if you have a section that looks like this, then you must also include a description of the roles and responsibilities for each entity/position described herein above. You will not include in your IG policy/program that you turn in to me the descriptions of what each category is used for, which is what I gave to you through what was intended to be nothing more than a “tip” to you on what to put in that section.

Please remember that I said I want you to use sentence form. Please don’t just give me listings like that which is included in the outline for Roles and Responsibility example above. The IG policy/program that you submit should be so much more than just bullet items with sentences of explanation. You will lose a significant number of points if you decide to give me bulleted items

only.

However, please, please, please do not plagiarize by copying another IG policy that you find on the internet (or anywhere else). Remember, I will run the IG Policy that you submit through a plagiarism checker that will compare it with others on the web and with those of the other students in the class. Where it finds a match it will give me the source. In addition, it will break down your paper and will tell me what percentage of your entire paper was plagiarized from different sources.

If you use anything from an IG policy that you find on the Internet, please give credit to the source so that the plagiarism issue will not come up.

The IG Policy that you develop should be specific to CITY GENERAL HOSPITAL and unique to the organization’s needs. Where you decide that CITY GENERAL HOSPITAL should use cloud computing, mobile devices, and to the extent that you decide that it is appropriate for CITY GENERAL HOSPITAL to engage in enterprise social media, state the decisions you have made as those things will be reflected in your IG policy. Explain any decisions or assumptions you have made for CITY GENERAL HOSPITAL that were not outlined in the description of the company.

This phase (phase III) of your project is due no later than at 11:30 p.m. Eastern Standard Time on December 2, 2018. Make sure to submit the project in WORD format. Use 1 inch top, bottom, left and right margins on each page. Include a cover page that will contain the Course name and number, semester term, your full name, student id, and the title of your paper:

CITY GENERAL HOSPITAL CORPORATION INFORMATION GOVERNANCE POLICY/PROGRAM IMPLEMENTATION PHASE III

This portion of the semester project is worth 10% of the overall grade.

You should submit this assignment using iLearn. Go to the content section where you will see a folder labeled “SEMESTER PROJECT. Select that folder. You will then see selections for submitting III. Please select that link for Phase III, then and upload the WORD document that you created.

This assignment must be submitted no later than 11:30 p.m. Eastern Standard Time on Sunday, December 2, 2018. Assignments will not be accepted late. This means that you should not plan to contact me at 11:35 p.m. or 11:59 p.m. in order to request that I accept a late submission. I will not.

SAMPLE TEMPLATE FOR FORMAT AND CONTENT OF AN INFORMATION GOVERNANCE POLICY

The remainder of this paper was reproduced for educational purposes in its entirety from: https://www.infogovbasics.com/creating-a-policy/

A Definition of Scope

The framework should begin by establishing the full extent of the Information Governance program. An example of this could be:

“The Information Governance framework covers all staff that create, store, share and dispose of information. It sets out the procedures for sharing information with stakeholders, partners and suppliers. It concerns the management of all paper and electronic information and its associated systems within the organization, as well as information held outside the organization that affects its regulatory and legal obligations.”

Roles and Responsibilities

The first major section of most frameworks clearly define key roles and their responsibilities, including:

Information Governance Committee Information Governance Team Information Risk Management Information Asset Management Records Manager

Line-of-Business Managers Employees

Information Policies

Information Governance covers a wide range of policies. The framework should set out which corporate policies are relevant to the Information Governance program. These may include:

▪ Information security policy ▪ Records management policy

• ▪  Retention and disposal schedules
• ▪  Archiving policy
• ▪  Data privacy policy
• ▪  ICT policy
• ▪  Information sharing policy
• ▪  Remote working policy

Information Procedures

A major part of the Information Governance framework should set out how the organization and its employees work with information. This can be broken into separate sections covering:

• ▪  Legal and regulatory compliance
• ▪  Creating and receiving information
• ▪  Acceptable content types
• ▪  Managing the volume of information
• ▪  Managing Personal Information
• ▪  Storing and archiving information
• ▪  Collaboration and sharing information
• ▪  Disposing of information

Working with Third Parties

As more and more information that affects a business is created and stored elsewhere it is essential

to establish how the organization operates and shares information with stakeholders, partners and suppliers. The framework should:

• ▪  Define the policies for sharing information with third parties
• ▪  Define how the organization can manage how third parties handle personal and confidential information
• ▪  Define how Information Governance fits within supplier relationships and contractual obligations
• ▪  Define measurement and metrics for third party meeting the organization’s Information Governance

goals

Disaster Recovery, Contingency and Business ContinuityThe framework should set out the organization’s approach to:

• ▪  Reporting information losses
• ▪  Reporting information security breaches
• ▪  Incident management and escalation
• ▪  Back up and disaster recovery
• ▪  Business continuity management

Auditing, Measurement and Review

Information Governance is a continuous improvement process so it must be underpinned by a continuous monitoring procedure. The framework can set out the organization’s approach to:

▪ Monitoring information access and use

• ▪  Monitoring effectiveness of regulatory compliance
• ▪  Monitoring the effectiveness of information security policy and procedure ▪ Monitoring of ICT and storage infrastructure performance

▪ Risk assessment and auditing▪ Information Governance review

Like many things in Information Governance, there is a balance to be achieved with the Information Governance framework. The more comprehensive the document, the better. However, it shouldn’t become so large and unwieldy that it ends up gathering dust on the shelf.