Information Governance

Lean On Our Experience, Networks & Integrity

Information Governance


Information governance can sometimes feel like a barrier to launching innovations in the NHS, but it doesn’t have to be. Our experienced team has worked on some of the most complex information governance, data protection and information sharing challenges with a 100% success rate. Our go-to market strategies will ensure you have everything you need to implement your application from the get-go. 

We’ll assess your ongoing needs and design a streamlined governance plan for your business. In most cases, we can deliver all of your governance needs more effectively and efficiently from scratch but we are also happy to simply improve your existing arrangements.

​Whether your Governance Director or Data Protection Officer (DPO) needs support, or you are looking to save money and improve efficiency by outsourcing your governance needs by having our team act as your Governance Director and DPO, we can help. 8foldGovernance provides a modern, high quality, practical and responsive service at lower costs than WTE employees, year round.

No problem is too complex. Let us unblock your information governance issues quickly and efficiently so you can get on with the business of scaling your innovation.


Our offer to you
Governance - Information Governance

Support for the production and maintenance of local information governance policies and procedures. Provision of advice and support on the approval, ratification and adoption of information governance policies.

We can provide you with:​


  • Template policies and procedures that can be tailored to meet local requirements.
  • Best practice advice and guidance incorporated into approved local policy.

Provision of advice and support by telephone and/or email on any information governance issues, including existing operational processes and new business initiatives. Provision of advice and the latest guidance on the law and best practice.

Training in relation to information governance, including the development and provision of training materials to support local requirements as required, and the delivery of specialist training for key roles that is not covered by national online information governance training.

  • Ensuring your data is secure and protected
  • Providing update reports on benchmarking against IGT requirements
  • Supporting the collation and uploading of evidence to the DSPT.
  • Provision of advice and/or support on the investigation of possible data security breaches and incidents
  • Advising on incident assessment and reporting
  • Advice on post-incident reviews, root cause analysis and actions for local implementation.
  • Support the development of organisational DPIA procedures
  • Advise on the need to undertake a DPIA
  • Review and analysis of DPIA’s conducted by information sharing partners and suppliers.
  • Provision of audits on information governance and data security compliance, processes and policies
  • Audits can be arranged with the organisation in advance, or they could be spot-audits.
  • Data Controllers may receive Information Rights Requests from service users, customers or staff. These may include Subject Access Requests (SARs) objections to the processing of personal data or requests for personal data to be deleted
  • Public Authorities may receive Freedom of Information (FOI) requests from members of the public
  • These requests are statutory obligations with mandated response times and organisations must determine what information should be released
  • We can assist by providing you with advice on how to prepare for requests which you may receive and how to respond to requests you have received.
  • Advice, guidance and/or support regarding adherence with wider information governance related compliance support statements (e.g. Care Quality Commission; Registration Authority; Quality, Innovation, Productivity and Prevention (QIPP) programme; Cyber Essentials (+), ISO 27001).
  • Support and advice offered by telephone, online, email and/or face-to-face.
  • The Information Commissioner’s Office (ICO) is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  • Organisations may be contacted by the ICO if a complaint has been made or if a data breach has been reported to them.
  • We can support you in corresponding with the ICO and provide you with advice in relation to the information you should provide and the actions you should take to ensure the best possible outcome.
iPad with compliance graphic on Information Governance
We specialise in supporting NHS health and social care, and digital health technology companies.
  • Data Protection Officer Service (fully managed service or support for your named DPO)

  • Highly cost-efficient service

  • Ability to flex resource dependent on need as the information governance support is delivered ‘as a service’

  • True partnership working to provide the support you need

  • Mentoring and up-skilling your internal staff

  • Full visibility of the support service via a real time reporting tool

  • Practical ways to adopt new technology and practices.

What Our Clients Say

When we have a problem to solve or a complex issue to untangle around IG Adam is there to support us through it. Working with the 8fold team has made our lives a lot easier and built capacity within our team

Marc Singh Jones

The team are pleasant, extremely knowledgeable, thorough, prompt in responding to queries and keen to help in any way they could. The work completed on our behalf definitely exceeded expectations.

Michelle Whitham
NHS Thanet CCG