This website is no longer being updated. NHS Shropshire, Telford and Wrekin Clinical Commissioning Group was abolished on 1 July 2022 and its functions were transferred to a new organisation, NHS Shropshire, Telford and Wrekin Integrated Care Board.


Please visit to continue your search, and find out more about the new organisation.

NHS Shropshire, Telford and Wrekin CCG is a new single organisation which was established on 1 April, 2021. Please note that policies will be uploaded to this website as soon as documents are approved for publication.

This webpage will be regularly reviewed to ensure it is as up-to-date as possible.

Information Governance Handbook

Information Governance (IG) is the practice used by all organisations to ensure that information/data is efficiently managed and that appropriate policies, system processes and effective management accountability provides a robust governance framework for safeguarding information.

The IG handbook is intended to provide information to support and assist staff in meeting their obligations regarding good Information Governance and should be read in conjunction with the Information Governance Code of Conduct and Information Governance & Data Security and Protection Policies.



Information Governance Data Security and Protection Policy

The overarching Data Security and Protection policy provides an overview of the organisation’s approach to information governance and includes data protection and other related information governance policies, and details about the roles and management responsible for data security and protection in the organisation.


Information Governance Staff Code of Conduct

The Staff Code of Conduct sets out clear guidance and the Information Governance standards expected of staff working for the CCG.  All employees working in the CCG, including temporary staff such as all contractors, voluntary staff, and students are bound by a legal duty of confidence to protect personal information they may come into contact with during the course of their work.


Privacy Notice

The Privacy Notice explains how NHS Shropshire, Telford and Wrekin CCG respects your rights with regards to data privacy and data protection when you communicate (online or offline) with us through our websites, programmes and events.


Fraud, Bribery and Corrupton Policy

This policy relates to all forms of fraud, bribery and corruption and is intended to provide direction and help to all CCG staff and other stakeholders (including patients, visitors, temporary employees, locums, agency staff, contractors, suppliers and visiting clinicians) who may identify fraud or bribery, or suspect that fraud or bribery may have taken place.


Information Governance Breach Reporting

The Breach Reporting Standing Operating Procedure (SOP) sets out what staff should do when they become aware of a data security and protection breach/breach.


Subject Access Request Standard Operating Procedure

The Standing Operating Procedure (SOP) sets out what staff should do when receiving a request for personal information, such as medical information or staff information, and applies to NHS Shropshire, Telford and Wrekin Clinical Commissioning Group for records for which they are the Data Controller (or Data Processor as required).


Employee Privacy Notice

As part of its employment activities, NHS Shropshire, Telford and Wrekin CCG collects, stores and processes personal information about prospective, current and former staff.  The Privacy Notice includes applicants, employees (and former employees), workers (including agency, casual and contracted staff), volunteers, trainees and those carrying out work experience.

The CCG recognises the need to treat staff personal and sensitive data in a fair and lawful manner. No personal information held by the CCG will be processed unless the requirements for fair and lawful processing can be met.


Local Records Management Schedule

The localised retention schedule has been produced to support NHS Shropshire, Telford and Wrekin CCG employees to adopt a consistent approach to the practice of managing records.  The schedule is not an exhaustive list and focuses on the types of records as listed in the organisation’s asset register. The schedule is based on the NHSX Records Management Code of Practice for Health and Social Care 2020 and the NHS England Corporate Records Retention 2019. The schedule replaces guidance produced under Records Management: NHS Code of Practice 2016



1 page(s) of results

Page last updated 2 November 2021