Data governance for Stroke Foundation Audit 2023
Data governance is of paramount importance to Stroke Foundation. We have strict policies and procedures to ensure the integrity and security of the data we collect. We have reviewed our data governance in the lead up to Acute Audit 2023.
The purpose of the Audit is to support hospitals to monitor and improve the care of people affected by stroke and it is provided free of charge to ensure it is accessible to all. Audit reports provide national benchmarking and present data in an accessible format to help services and state clinical networks to identify where improvements are required, to lobby for change and celebrate success.
Data governance principles for 2023:
- Independent advice concluded that the Stroke Foundation Audit does not require ethics approval, as it does not collect identifiable data and should be considered routine clinical practice related to reviewing and improving processes of care.
- Audit data is not visible to, or shared with, other programs that use the AuSDaT (for example the Australian Stroke Clinical Registry).
- Patient first name and last name are used to create a record in the Australian Stroke Data Collection Tool (AuSDaT) but are not stored. The AuSDaT converts name, date of birth and gender, into a code known as a statistical linkage key (SLK). This is used by various government databases and allows the database to prevent an episode of care from being entered more than once. Data cannot be re-identified from the SLK. More information about SLKs can be found at the Australian Institute of Health and Welfare's (AIHW) Metadata Online Registry (METEOR).
- Stroke Foundation Audit complies with National Privacy Legislation and specific jurisdictional requirements e.g., the NSW Health Records and Information Privacy Act 2002.
- Server provision for the AuSDaT is by Amazon Web Services (AWS) Australia, based in Sydney. AWS is compliant with internationally recognised standards for information security management best practices, comprehensive security controls, and protection of data. The database is protected by Secure Sockets Layer, the highest available level of security.
- Stroke Foundation commissions periodic penetration testing (an evaluation of security) on the AuSDaT to ensure there are no weaknesses in the system.
- We strongly promote the review of audit data for quality improvement and encourage sites to consent to us sharing a summary of their site data with their state clinical network or health department. This is to allow for collaborative efforts for improvement across each state and territory.
For more detailed information about audit data governance, please contact us on email@example.com