top of page

Healthcare information governance

Healthcare information governance

Information privacy, and governance is key across in all Industries where a large amount of personal information about customers is collected by organizations. This is all the more important for organizations in the healthcare sector. As trust plays a very important role in the healthcare industry. Patients entrust healthcare providers with information that needs to be safeguarded and stored confidentially.

The principles of information governance, known as the Information Governance Principles for Healthcare (IGPHC)™, are comprehensive and written broadly. These principles do not set forth a legal rule, but are intended to be interpreted and applied depending upon an organization’s type, size, role, mission, sophistication, legal environment, and resources. These principles that imply to both physical and electronic records are broadly based on the following attributes:

Principle of accountability – senior leadership oversight is important, the information governance program. The senior leader should be accountable and responsible for all aspects of the program, including adherence to policy, audit, alignment to strategic goals etc.

Principle of transparency – the processes and activities should be well documented and available to all concerned as a when required.

Principle of integrity – the information governance program should be constructed so the information expected by various stake holders like, patients, investors, and regulatory agencies, is authentic, timely, accurate, and complete.

Principle of protection – appropriate levels of protection should be built into, every system, electronic or manual, that generates, collects, stores, transmits, uses, archives, and dispositions data and information must be governed with protection in mind.

Principle of compliance – organization’s credibility and legal standing rest upon its ability to demonstrate that it conducts its activities in a lawful manner and manages information risks effectively, adhering to all privacy and confidentiality requirements.

Principle of availability – it is critical to maintain information in a manner that assists information availability, effective preservation and disposition, and effective database administration.

Principle of retention – the retention of information for an appropriate time, taking into account its legal, regulatory, fiscal, operational, risk, and historical requirements.

Principle of disposition – post the required retention period, secure and appropriate disposition for information no longer required to be maintained by applicable laws and the organization’s policies.

This blog post is a summary of the original article at


bottom of page