The Christie NHS FT Annual Report & Accounts 2019-20

Annual Governance Statement

places reliance. NHS Shared Business Services (SBS) provides the Trust’s payroll service and the Trust receives an independent “Service Quality Report” in relation to SBS’s operations. As a result of the Covid-19 pandemic, the report was qualified. The Trust has reviewed the report and the issues identified and assured itself that sufficient mitigation’s exist that assurance can still be gained from the report. Information governance Our current top 3 data security risks, as advised by an external specialist, are managed through compliance with the data security and protection toolkit which is mandated by NHS Digital. In addition to the toolkit, we are also working towards Cyber Essentials Plus accreditation and this is recorded in the corporate risk register. Data security and information governance incidents are managed in accordance with internal and external reporting requirements; for the year 2019–20 the trust had no externally reportable data breaches. Information governance risks are managed as part of the risk management systems and processes and assessed using the data security and protection toolkit. The Trust’s risk register is updated with currently identified information risks including data quality and data security which are reviewed by the Risk and Quality Governance Committee. We are compliant with GDPR legislation which came into effect on 25 th May 2018. Compliance is monitored through our risk management systems and the data security and protection toolkit. In addition,

has key work-streams aiming to deliver cost improvements across the health economy. GM has a large and varied programme of works and as these work streams progress over the subsequent years, we will benefit from scheme implementation. Specific areas of opportunity include pharmacy and back office functions; in particular, the Trust is progressing a new Pharmacy Supply Chain model with Trusts across GM that should lead to improved efficiencies from staffing and proactively with partners in GM Cancer to deliver improvements and efficiencies to patient cancer care pathways across the city. My review is also informed by comments made by the external auditors in their management letter and other reports. I have been advised on the implications of the result of my review of the effectiveness of the system of internal control by the board, audit, quality assurance, risk and clinical governance committees and a plan to address weaknesses and ensure continuous improvement of the system is in place. The overall Head of Internal Audit opinion for the period 1st April 2019 to 31st March 2020 provides Substantial Assurance; that there is a good system of internal control designed to meet the organisation’s objectives, and that controls are generally being applied consistently. The Trust has examined the assurances provided over key contractual relationships third party providers upon which the Trust productivity improvements across organisations. We are also working

149