ITS 833 – INFORMATION GOVERNANCE


ITS 833 – INFORMATION GOVERNANCE
FALL – MAIN-TERM 2018
SEMESTER PROJECT – PHASE III
Before beginning work on Phase III of your semester project, please refer back to the
company description for CITY GENERAL HOSPITAL, which is in the CONTENT folder,
and within that in the SEMESTER RESEARCH PROJECT folder.
INSTRUCTIONS FOR PHASE III
During residency weekend your team worked on an outline for an overall Information Governance
Plan/Program for the hospital. It is your task to now add the “content” to the outline for the
Information Governance Plan/Program. That is you are to prepare an Information Governance
Policy/Program for
CITY GENERAL HOSPITAL. All IG policies or programs are somewhat
different and unique to the industry and to the organization. There are a number of sample
Information Governance Policy/Program templates and samples on the internet. Attached to the
end of this document is a sample Information Governance Policy template that was copied
verbatim from the website
https://www.infogovbasics.com/creating-a-policy/.
Please feel free to browse the internet to get a flavor for what an actual IG Policy/Program might
look like. If you desire, use the template attached to the end of this document as an outline for how
you might choose to format your IG Policy/Program for
CITY GENERAL HOSPITAL and what you
might want to include in your IG policy/program. Alternatively, you may use the outline for the
IG Plan that your team developed during residency weekend. You may also use the work the
group performed during residence weekend as a “starting point” for developing your own IG plan,
if you liked portions of what the group did but believe it still needs work.
It is certainly not a requirement that you use the attached sample as a guideline for formatting your
own, or that you use anything that your team prepared during residency weekend. It makes no
difference how you arrived at the final format for the IG Plan that you submit as long as you give
credit to all source(s), if any, that you looked to in formulating your IG Plan or any portion of your
plan.
You may determine that you have developed on your own something superior to the outline herein
below, the outline developed by your team during residency weekend, and anything you have
found as part of your research. If that is the case, then use your own model! The sample at the
end of this document is merely attached for your convenience as one example of what might be
contained in your IG policy/program, and in what format. Do as much research from all sources
you have access to or can locate to determine how you want to format your own IG Policy/program,
and the types of things you will include. If you decide to use the attached sample, or the outline
created by your group during residency weekend, still you are required to customize them to meet
the distinct characteristics and needs of
CITY GENERAL HOSPITAL and to add the detail required.
Please know, this assignment DOES NOT consist of submitting an outline as you did during residency
weekend. This assignment is to submit “THE” Information Governance Plan for CITY GENERAL
HOSPITAL.

Please do not misconstrue the sample/example format attached hereto or the outline that your team
developed during residency weekend. Both are merely outlines. They are skeletons that contain
only headings for the types of things you will discuss as part of your IG Plan. In this assignment,
you must include actual content or provide instruction for each section listed, and include your
own additional subsections where appropriate. For example, you will see on one portion of the
attached example the following:
Roles and Responsibilities
The first major section of most frameworks clearly define key roles and their responsibilities,
including:
Information Governance Committee
Information Governance Team
Information Risk Management
Information Asset Management
Records Manager
Line-of-Business Managers
Employees
“Roles and Responsibilities” is merely a category or heading for one portion of the IG
policy/program. The sentence that reads, “
The first major section of most frameworks clearly
define key roles and their responsibilities including
:” is nothing more than an instruction from
me to you describing the section. Then the 7 lines that follow is just an example of the key
players for this particular example. In your IG Plan that you submit to me, if you have a section
that looks like this, then you must also include a description of the roles and responsibilities for
each entity/position described herein above. You will not include in your IG policy/program that
you turn in to me the descriptions of what each category is used for, which is what I gave to you
through what was intended to be nothing more than a “tip” to you on what to put in that section.
Please remember that I said I want you to use sentence form. Please don’t just give me listings
like that which is included in the outline for Roles and Responsibility example above. The IG
policy/program that you submit should be so much more than just bullet items with sentences of
explanation. You will lose a significant number of points if you decide to give me bulleted items
only.
However, please, please, please do not plagiarize by copying another IG policy that you find on
the internet (or anywhere else). Remember, I will run the IG Policy that you submit through a
plagiarism checker that will compare it with others on the web and with those of the other students
in the class. Where it finds a match it will give me the source. In addition, it will break down your
paper and will tell me what percentage of your entire paper was plagiarized from different sources.

If you use anything from an IG policy that you find on the Internet, please give credit to the source
so that the plagiarism issue will not come up.
The IG Policy that you develop should be specific to
CITY GENERAL HOSPITAL and unique to
the organization’s needs. Where you decide that
CITY GENERAL HOSPITAL should use cloud
computing, mobile devices, and to the extent that you decide that it is appropriate for
CITY
GENERAL HOSPITAL
to engage in enterprise social media, state the decisions you have made as
those things will be reflected in your IG policy. Explain any decisions or assumptions you have
made for
CITY GENERAL HOSPITAL that were not outlined in the description of the company.
This phase (phase III) of your project is due no later than at 11:30 p.m. Eastern Standard Time on
December 2, 2018. Make sure to submit the project in WORD format. Use 1 inch top, bottom,
left and right margins on each page. Include a cover page that will contain the Course name and
number, semester term, your full name, student id, and the title of your paper:
CITY GENERAL HOSPITAL CORPORATION
INFORMATION GOVERNANCE POLICY/PROGRAM IMPLEMENTATION
PHASE III
This portion of the semester project is worth 10% of the overall grade.
You should submit this assignment using iLearn. Go to the content section where you will see a
folder labeled “SEMESTER PROJECT. Select that folder. You will then see selections for
submitting III. Please select that link for Phase III, then and upload the WORD document that you
created.
This assignment must be submitted no later than 11:30 p.m. Eastern Standard Time on Sunday,
December 2, 2018.
Assignments will not be accepted late. This means that you should not plan
to contact me at 11:35 p.m. or 11:59 p.m. in order to request that I accept a late submission. I
will not.

SAMPLE TEMPLATE FOR FORMAT AND CONTENT OF AN
INFORMATION GOVERNANCE POLICY
The remainder of this paper was reproduced for educational purposes in its
entirety from:
https://www.infogovbasics.com/creating-a-policy/
A Definition of Scope
The framework should begin by establishing the full extent of the Information Governance program.
An example of this could be:
“The Information Governance framework covers all staff that create, store, share and dispose of information.
It sets out the procedures for sharing information with stakeholders, partners and suppliers. It concerns the
management of all paper and electronic information and its associated systems within the organization, as
well as information held outside the organization that affects its regulatory and legal obligations.”
Roles and Responsibilities
The first major section of most frameworks clearly define key roles and their responsibilities,
including:
Information Governance Committee
Information Governance Team
Information Risk Management
Information Asset Management
Records Manager
Line-of-Business Managers
Employees
Information Policies
Information Governance covers a wide range of policies. The framework should set out which
corporate policies are relevant to the Information Governance program. These may include:
Information security policy
Records management policy
Retention and disposal schedules
Archiving policy
Data privacy policy
ICT policy
Information sharing policy
Remote working policy
Information Procedures
A major part of the Information Governance framework should set out how the organization and its
employees work with information. This can be broken into separate sections covering:
Legal and regulatory compliance
Creating and receiving information
Acceptable content types
Managing the volume of information
Managing personal information
Storing and archiving information
Collaboration and sharing information
Disposing of information
Working with Third Parties
As more and more information that affects a business is created and stored elsewhere it is essential
to establish how the organization operates and shares information with stakeholders, partners and
suppliers. The framework should:
Define the policies for sharing information with third parties
Define how the organization can manage how third parties handle personal and confidential information
Define how Information Governance fits within supplier relationships and contractual obligations
Define measurement and metrics for third party meeting the organization’s Information Governance
goals
Disaster Recovery, Contingency and Business
Continuity
The framework should set out the organization’s approach to:
Reporting information losses
Reporting information security breaches
Incident management and escalation
Back up and disaster recovery
Business continuity management
Auditing, Measurement and Review
Information Governance is a continuous improvement process so it must be underpinned by a
continuous monitoring procedure. The framework can set out the organization’s approach to:
Monitoring information access and use
Monitoring effectiveness of regulatory compliance
Monitoring the effectiveness of information security policy and procedure
Monitoring of ICT and storage infrastructure performance
Risk assessment and auditing
Information Governance review
Like many things in Information Governance, there is a balance to be achieved with the Information
Governance framework. The more comprehensive the document, the better. However, it shouldn’t
become so large and unwieldy that it ends up gathering dust on the shelf.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s