You can find all of the NHSBSA’s policies and procedures here.
Acceptable use policy (PDF: 181KB)
An introduction to data protection, FOI and information security for employees (PDF: 195KB)
Business continuity management policy (PDF: 203KB)
Business continuity management strategy (PDF: 62.9KB)
CCTV code of practice (PDF: 405KB)
Confidentiality audit procedure (PDF: 202KB)
Classification scheme and records retention schedule scope notes (PDF: 563KB)
Data classification matrix (Excel: 55KB)
Data handling and storage policy (PDF: 233KB)
Data protection policy (PDF: 223KB)
Data protection - subject access request procedure (PDF: 286KB)
Data protection - subject access request application form (PDF: 270KB)
End user computing policy (PDF: 121KB)
Equality and diversity policy (PDF: 197.59KB)
Freedom of information policy (PDF: 199KB)
Freedom of information request procedure (PDF: 149KB)
Information governance policy (PDF: 315KB)
Information governance strategy (PDF: 122KB)
Information Governance Steering Group terms of reference (PDF: 50.7KB)
Information security policy (PDF: 225KB)
Information security incident handling procedure (PDF: 177KB)
Information security incident reporting procedure (PDF: 221KB)
Mobile computing policy (PDF: 256KB)
Pseudonymisation and anonymisation of data policy (PDF: 144KB)
Records management audit framework (PDF: 374KB)
Records management BCS and scope notes (PDF: 563KB)
Records management business classification scheme (BCS) (PDF: 327KB)
Records management business rules (PDF: 300KB)
Records management guidance (full) (PDF: 681KB)
Records management guidance (summary) (PDF: 207KB)
Records management policy (PDF: 194KB)
Records management retention schedule (Excel: 221KB)
Records management strategy (PDF: 161KB)
Registration authority and smartcard management procedure (PDF: 332KB)