Common use of Informing Clause in Contracts

Informing. Service user volunteers were provided with a notice explaining that the PHR was in a proof of concept phase and also how any data the service user enters was used. Service user expectations are managed by clear communications on what the system can do and what it won’t do. In particular service users were and will be made aware that the PHR system is not a two way messaging solution. The exception to this is the Care@Home functionality as described above which supports virtual ▇▇▇▇ monitoring. Graphnet advise the technical security of the system has been assured and they have an annual security testing cycle in place. The underlying technical framework and the PHR itself has been subjected to both white and black box penetration testing as part of the security strategy. An in-depth two-week white box test was last performed Summer 2018 following the platform update, recommendations made were then successfully evaluated by a follow up 3-day black box test in Autumn 2018. The latest annual black box test was performed in October 2019. On behalf of the Lead Controller Organisation I confirm that the Data Protection Impact Assessment and the specific mitigation arrangements and residual risk status described in this schedule are satisfactory and have been agreed. {{*Comments1_es_:signer1:multiline(4):prefill(“DPO’s comments or ‘none’”) }}. Agreed by {{*DPOname_es_:signer1 }}(name) as Data Protection Officer, for and on behalf of {{*ORGname1_es_:signer1 }}(organisation). Regional Health and Social Care Information Sharing Agreement Information Governance Steering Group Chairperson On behalf of the Information Governance Steering Group I confirm that the Data Protection Impact Assessment and the specific mitigation arrangements and residual risk status described in this schedule are agreed. {{*Comments2_es_:signer2:multiline(2) prefill(“IGSG chair’s comments or ‘none’”) }}. Agreed by {{*IGSGname_es_:signer2 }}(name) as Chair, for and on behalf of the Regional Health and Social Care Information Sharing Agreement Information Governance Steering Group.

Informing. Service user volunteers were provided with a notice explaining that the PHR was in a proof of concept phase and also how any data the service user enters was used. Service user expectations are managed by clear communications on what the system can do and what it won’t do. In particular service users were and will be made aware that the PHR system is not a two way messaging solution. The exception to this is the Care@Home functionality as described above which supports virtual ▇▇▇▇ monitoring. Graphnet advise the technical security of the system has been assured and they have an annual security testing cycle in place. The underlying technical framework and the PHR itself has been subjected to both white and black box penetration testing as part of the security strategy. An in-depth two-week white box test was last performed Summer 2018 following the platform update, recommendations made were then successfully evaluated by a follow up 3-day black box test in Autumn 2018. The latest annual black box test was performed in October 2019. Data Protection Impact Assessment Signature and Approvals Page‌ On behalf of the Lead Controller Organisation I confirm that the Data Protection Impact Assessment and the specific mitigation arrangements and residual risk status described in this schedule are satisfactory and have been agreed. {{*Comments1_es_:signer1:multiline(4):prefill(“DPO’s comments or ‘none’”) }}. Agreed by {{*DPOname_es_:signer1 }}(name) as Data Protection Officer, for and on behalf of {{*ORGname1_es_:signer1 }}(organisation). Regional Health and Social Care Information Sharing Agreement Information Governance Steering Group Chairperson On behalf of the Information Governance Steering Group I confirm that the Data Protection Impact Assessment and the specific mitigation arrangements and residual risk status described in this schedule are agreed. {{*Comments2_es_:signer2:multiline(2) prefill(“IGSG chair’s comments or ‘none’”) }}. Agreed by {{*IGSGname_es_:signer2 }}(name) as Chair, for and on behalf of the Regional Health and Social Care Information Sharing Agreement Information Governance Steering Group.

Informing. Service user volunteers were provided with a notice explaining that the PHR was in a proof of concept phase and also how any data the service user enters was used. Service user expectations are managed by clear communications on what the system can do and what it won’t do. In particular service users were and will be made aware that the PHR system is not a two way messaging solution. The exception to this is the Care@Home functionality as described above which supports virtual ▇▇▇▇ monitoring. Graphnet advise the technical security of the system has been assured and they have an annual security testing cycle in place. The underlying technical framework and the PHR itself has been subjected to both white and black box penetration testing as part of the security strategy. An in-depth two-week white box test was last performed Summer 2018 following the platform update, recommendations made were then successfully evaluated by a follow up 3-day black box test in Autumn 2018. The latest annual black box test was performed in October 2019. On behalf of the Lead Controller Organisation I confirm that the Data Protection Impact Assessment and the specific mitigation arrangements and residual risk status described in this schedule are satisfactory and have been agreed. {{*Comments1_es_:signer1:multiline(4):prefill(“DPO’s comments or ‘none’”) }}} ▇▇▇▇▇▇ ▇▇▇▇▇ . ▇▇▇▇▇▇ ▇▇▇▇▇ (Jun 19, 2020 15:50 GMT+1) ▇▇▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇ Agreed by {{*DPOname_es_:signer1 }}(name) ▇▇▇▇▇▇ ▇▇▇▇▇ as Data Protection Officer, for and on behalf of {{*ORGname1_es_:signer1 }}(organisation). Regional Frimley Health and Social Care Information Sharing Agreement Information Governance Steering Group Chairperson On behalf of the Information Governance Steering Group I confirm that the Data Protection Impact Assessment and the specific mitigation arrangements and residual risk status described in this schedule are agreed. NHS Foundation Trust Agreed Chairperson’s comments: {{*Comments2_es_:signer2:multiline(2) prefill(“IGSG chair’s comments or ‘none’”) }}. } ▇ ▇ ▇▇▇▇▇▇▇▇▇ (Jun 19, 2020 09:59 GMT+1) ▇▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇ Agreed by {{*IGSGname_es_:signer2 }}(name) ▇ ▇ ▇▇▇▇▇▇▇▇▇ as Chair, for and on behalf of the Regional Health and Social Care Information Sharing Agreement Information Governance Steering Group.