You can find all of our policies and procedures here.
Acceptable use policy (PDF: 181KB)Anonymisation and pseudonymisation standard (PDF: 112KB)Business continuity management policy (PDF: 138KB)Business continuity management strategy (PDF: 62.9KB)Caldicott principles (PDF: 66.8KB)CCTV code of practice (PDF: 405KB)Confidentiality audit procedure (PDF: 202KB)Classification scheme and records retention schedule scope notes (PDF: 563KB)Data classification matrix (Excel: 55KB)Data handling and storage policy (PDF: 233KB)Data protection and confidentiality policy (PDF: 198KB)Data Protection, Re-use of Public Sector Information Regulations, Environmental Information Regulations and Freedom of Information review procedure (PDF: 187KB)Data subject rights request procedure (PDF: 63.5KB)Destruction standard (PDF: 64.1KB)End user computing policy (PDF: 126KB)Equality and diversity policy (PDF: 197.59KB)Freedom of information policy (PDF: 168KB)Freedom of information request procedure (PDF: 149KB)Home working computer security policy (PDF: 378KB)Information governance policy (PDF: 163KB)Information governance strategy (PDF: 122KB)Information Governance Steering Group terms of reference (PDF: 50.7KB)Information security policy (PDF: 221KB) Information security incident management standard procedure (Word: 2.21MB)Mobile computing policy (PDF: 188KB)New tender documentsNHSBSA subject access application form (PDF: 268KB)Records management audit framework (PDF: 374KB)Records management BCS and scope notes (PDF: 563KB)Records management business classification scheme (BCS) (PDF: 327KB)Records management business rules (PDF: 300KB)Records management guidance (full) (PDF: 681KB)Records management guidance (summary) (PDF: 207KB)Records management policy (PDF: 183KB)Records management retention schedule (Excel: 252KB)Records management standard (PDF: 121KB)Records management strategy (PDF: 161KB)Registration authority and smartcard management procedure (PDF: 332KB)Whistleblowing policy (PDF: 168KB)