InfoGov Wiki

Information Governance Wiki

This website has been developed to provide IG professionals with a single resource covering the key aspects of PKB's Information Governance approach.

If you are unable to find what you are looking for or feel that certain documentation should be included, please email ig@patientsknowbest.com - we will be happy to assist with your query and welcome suggestions on how we could improve this website.

Compliance Pack (Zip Archive)

For convenience, all key documents can be downloaded as a single archive for local reference and attachment to other documentation.

Direct link: https://drive.google.com/file/d/15xPAeFpeZi6wzEuxRbWu-ass-clAycDi/view?usp=sharing

Site Map

  • Agreements and Legal

    • Dataflows -- An overview of the dataflows, a detailed and deployment-specific dataflow will need to be produced by Providers

    • DPIA -- PKB's Data Protection Impact Assessment (Published in 2020)

    • JCA -- The Joint Controller Agreement, replaces previous agreements like the Information Processing Agreement

    • Legal Opinion -- Legal opinion from Tim Pitt-Payne QC of 11KBW, lay summary by DAC Beachcroft LLP

    • The Model -- An overview of the lawful basis and PKB Joint Controller Model


  • Registrations & Certification

    • Cyber Essentials Plus -- PKB's CE+ certification

    • DSPT -- Details of PKB's Data Security and Protection Toolkit

    • DTAC -- Details of PKB's DTAC submission

    • ISO27001 -- ICO27001 certificate for Google Cloud Platform and PKB's own ICO27001 compliance documents

    • ODS, ICO, etc. -- Registrations; ICO Data Protection Register, NHS Data Organisation Service, etc.