Information Governance

This is how we ensure personal and corporate information is dealt with legally, securely, efficiently and effectively to appropriate ethical and quality standards.

Information that was held by Cambridgeshire and Peterborough CCG transfered to NHS Cambridgeshire & Peterborough, our local Integrated Care Board (ICB), on 1 July 2022. The ICB is now the new data controller. Any question about the use of data, including patient data, by the new ICB should be directed to

Information is a vital asset, both in terms of the clinical management and care of individual patients and the efficient organisation of services and resources. NHS Cambridgeshire & Peterborough aims to safeguard patient confidentiality and maintain data security whilst empowering staff to perform their role within the boundaries of the good information governance.

Information governance is the way in which the NHS handles all of its information, in particular the personal and sensitive information relating to patients and employees.

The Information Governance team ensures these requirements are met by raising awareness about data protection, confidentiality and information security, and by performing audits to ensure standards are maintained.

It provides a framework to ensure that personal information is dealt with legally, securely, efficiently and effectively, in order to deliver the best possible care. 

It also offers NHS employees a clear structure to deal consistently with the many different rules about how information is handled, including those set out in:

•    The Data Protection Act 2018
•    The Common Law Duty of Confidentiality
•    The Confidentiality NHS Code of Practice
•    Information Security Management NHS Code of Practice
•    The Records Management Code of Practice 2021
•    The Freedom of Information Act 2000

The IG Framework is supported by a set of approved policies, procedures and guidelines. Key policies in the framework are available to download further down this page.

Ensuring that our staff and clinical leaders are suitably equipped to manage this important area of work is a key priority for NHS Cambridgeshire & Peterborough and integral to our capacity to deliver on plans to build local trust. The penalties for breaking data protection and associated laws can be significant. These include:

  • Organisations can be fined for each data breach and/or subjected to other sanctions
  • Individuals responsible for breaches may be subject to disciplinary action that can result in dismissal
  • Staff morale can be affected – and reputations which organisations have worked hard to build over many years, can take even longer to rebuild among local communities

To find out more, visit:


Cambridgeshire and Peterborough Information Sharing Framework

We are a member of the Cambridgeshire and Peterborough Information Sharing Framework, which is hosted by Cambridgeshire County Council on behalf of all participating organisations in the area. Its aim is to facilitate more effective data sharing across Cambridgeshire and Peterborough where this is needed to improve service delivery or to enable each organisation to respond quickly to customer needs. The web page sets out which organisations have signed up to the Framework and provides a brief summary of its responsibilities.