You can find all of the NHSBSA’s policies and procedures here.
Acceptable use policy (PDF: 181KB)
Anonymisation and pseudonymisation standard (PDF: 112KB)
Business continuity management policy (PDF: 138KB)
Business continuity management strategy (PDF: 62.9KB)
Caldicott principles (PDF: 66.8KB)
CCTV code of practice (PDF: 405KB)
Confidentiality audit procedure (PDF: 202KB)
Classification scheme and records retention schedule scope notes (PDF: 563KB)
Data classification matrix (Excel: 55KB)
Data handling and storage policy (PDF: 233KB)
Data protection and confidentiality policy (PDF: 198KB)
Data protection - subject access request procedure (PDF: 276KB)
Data protection - subject access request application form (PDF: 58.4KB)
Destruction standard (PDF: 64.1KB)
End user computing policy (PDF: 126KB)
Equality and diversity policy (PDF: 197.59KB)
Freedom of information policy (PDF: 168KB)
Freedom of information request procedure (PDF: 149KB)
Home working computer security policy (PDF: 378KB)
Information governance policy (PDF: 163KB)
Information governance strategy (PDF: 122KB)
Information Governance Steering Group terms of reference (PDF: 50.7KB)
Information security policy (PDF: 221KB)
Information security incident handling procedure (PDF: 177KB)
Information security incident reporting procedure (PDF: 221KB)
Mobile computing policy (PDF: 188KB)
Records management audit framework (PDF: 374KB)
Records management BCS and scope notes (PDF: 563KB)
Records management business classification scheme (BCS) (PDF: 327KB)
Records management business rules (PDF: 300KB)
Records management guidance (full) (PDF: 681KB)
Records management guidance (summary) (PDF: 207KB)
Records management policy (PDF: 183KB)
Records management retention schedule (Excel: 244KB)
Records management standard (PDF: 121KB)
Records management strategy (PDF: 161KB)
Registration authority and smartcard management procedure (PDF: 332KB)