Need to know more about Health Records & Archives?
Need to know more about Managing
NHS Scotland / England Records Management Code of Practice
Implementing and maintaining an effective records management service depends on knowledge of what records are held, where they are stored, who manages them, in what form(s) they are made accessible, and their relationship to organisational functions ( e.g. Finance, Estates, IT, Direct patient care). An information survey or record audit is essential to meeting this requirement. The survey will also help to promote control over the records, and provide valuable data for developing records appraisal and disposal policies and procedures.
Paper and electronic record keeping systems should contain descriptive and technical documentation to enable the system to be operated efficiently and the records held in the system to be understood. The documentation should provide an administrative context for effective management of the records.
The record keeping system, whether paper or electronic, should include a documented set of rules for referencing, titling, indexing and, if appropriate, the protective marking of records. These should be easily understood to enable the efficient retrieval of information when it is needed and to maintain security and confidentiality.
Where records are kept in electronic form, wherever possible they should be held within an Electronic Document and Records Management System ( EDRMS) which conforms to the standards of the European Union "Model Requirements" (MoReq). Find more details here
Records should be structured within an organisation-wide corporate "Fileplan" which reflects the functions and activities of the organisations and facilitates the appropriate sharing and effective retrieval of information.
Where an EDRMS is not yet available, electronic documents should be stored on shared, network servers in a clear and meaningful folder structure or "Fileplan" which represents the functions and activities of the organisation or unit. The server should be subject to frequent back-up procedures in line with the NHS Information Security policy. Users should apply the functionality of the relevant software to protect electronic documents against inappropriate amendment (for example, by password protecting documents.) Please note: It is almost impossible to fully protect documents in a non- EDRMS environment, or provide full audit and authenticity evidence.
The movement and location of records should be controlled to ensure that a record can be easily retrieved at any time, that any outstanding issues can be dealt with, and that there is an auditable trail of record transactions. The record-keeping system should also address the management of emails, including aspects such as the titling of emails and the handling of email attachments.
Storage accommodation for current paper records should be clean and tidy, should prevent damage to the records and provide a safe working environment for staff.
For records in digital format, maintenance in terms of back-up and planned migration to new platforms should be designed and scheduled to ensure continuing access to accurate, reliable and readable records.
Equipment used to store current records on all types of media should provide storage that is safe and secure from unauthorised access and meets health and safety and fire regulations, but which also allow maximum accessibility to the information commensurate with its frequency of use.
When paper records are no longer required for the conduct of current business, their placement in a designated secondary storage area may be a more economical and efficient way to store them. Procedures for handling records should take full account of the need to preserve important information and keep it confidential and secure. There should be policies and procedures in place for managing the lifestyles of both paper and electronic records.
A contingency or business continuity plan should be in place to provide protection for all types of records that are vital to the continued functioning of the organisation. Key expertise in relation to environmental hazards, assessment of risk, business continuity and other considerations is likely to rest with information security staff and their advice should be sought on these matters.